Who we are

After 10 years of research at LORIA (Laboratoire Lorrain de Recherche en Intelligence Artificielle), we now use our know-how to characterize and protect computer systems from the most hidden threats.

Our specialty

Today, we are the only ones able to apply the morphological analysis method, which consists in characterizing a threat by its behavior and not only from our malware database. Therefore, we can easily recognize a new virus or its variant and materialize it into control flow graphs. This innovation, coupled with formal methods tools, offers a singular and unequalled accuracy on executable files and does not require a learning phase.

Why a Gorilla ?

Although we are all fans of King Kong, our solutions were named GORILLE by the DGA (French General Directorate of Armaments) during our first proof of concept.

We were finally seduced by this name, which represents our business perfectly: a powerful tool, devastating in the face of threats, unchanging and above all benevolent.

5% of threats are responsible for 95% of the damage

We couldn’t stand by and watch

Entrusting us with the protection of your IT assets is to guarantee you:


A perfect integration with your tools (EDR, XDR,…)


A comprehensive detection of elaborate APT or obfuscated threats


An accurate aid to understanding threats


An immediate qualification of the infection


An incomparable characterization thanks to morphological analysis

Our team

Régis Lhoste


Stéphane Gégout

Chairman of the Supervisory Board

Guillaume Bonfante

Scientific Advisor

Jean-Yves Marion

Scientific Advisor

Fabrice Sabatier

Scientific Advisor

Case studies

GORILLE Cloud and the case of the Emotet malware

There are many variants of the malware known as “Emotet”. The Trojan horse is the most expensive in the world, which is why it is necessary to secure information systems against this malware.

Unfortunately, classic antivirus programs cannot detect the variants of the Emotet malware.

The GORILLE Cloud solution that we offer to our customers is used via its API in automatic mode and in full transparency for the end users.

Celle-ci, grâce à l’analyse morphologique, est capable de repérer toute trace d’intrusion malveillante via un programme exécutable (win32, macOS, Linux ou PAK).

GORILLE Expert and the Ryuk ransomware case

Ryuk is one of the most virulent ransomwares and affects both large companies and organizations of vital importance (OVI).

It is very complicated to know the nature and extent of the damage caused by its attack in order to remedy it quickly and effectively.

GORILLE Expert, thanks to the morphological analysis technology, detects and analyzes all threats present by executables (win32, macOS, elf or APK).

This state-of-the-art solution allows the company to confirm and identify the threat in order to quickly obtain remediation recommendations. GORILLE Expert even recovers the encryption key of the malware in order to allow the recovery of all or part of the customer’s data.

Our clients & partners