Gerardo Galván is a Security Associate Principal with 16 years of hands-on experience in red teaming, malware analysis, penetration testing and network security, currently leading offensive engagements at FusionX from Mexico. He has deep reversing and detection-rule expertise—having developed signatures and analyzed diverse malware—and contributed to the Suricata IDS/IPS project by adding features like icmp_id support and detection_filter enhancements. His background spans government and private-sector assessments, research roles at FireEye/Mandiant, and academic teaching in reverse engineering and malware analysis. Gerardo combines practical exploit and protocol-level knowledge with cryptography training from multiple master's programs, and he has also served as a technical reviewer for notable security and cryptography texts. Notably, his mix of open-source contributions to a widely used IDS and long-term consulting work gives him a rare blend of defensive telemetry insight and offensive tradecraft.
16 years of coding experience
9 years of employment as a software developer
Master of Science, Security and Mobile Computing, Master of Science, Security and Mobile Computing at NordSecMob-programme
Bachelor's, Bachelor's at CINVESTAV
Information Security, Information Security at Université de Luxembourg
Master of Science - MS, Information Security and Telematics, Master of Science - MS, Information Security and Telematics at Norges teknisk-naturvitenskapelige universitet
Master of Science, Cryptography, Master of Science, Cryptography at Tartu Ülikool
Bachelor of Computer Systems Engineering, Computer Sciences, Bachelor of Computer Systems Engineering, Computer Sciences at Instituto Tecnologico de Morelia
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Role in this project:
Backend Developer & Security Engineer
Contributions:50 commits in 1 year 6 months
Contributions summary:Gerardo primarily focused on enhancing the Suricata network intrusion detection system. Their contributions involved implementing features like the `icmp_id` keyword support, which is used to match on ICMP identifiers, and the `detection_filter` keyword, which provides filtering capabilities. Additionally, they addressed several bugs, improved error messages, and updated dependencies, enhancing the system's stability and reliability.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.