About

I'm the CEO and Co-Founder of SlashID, an identity security and governance platform that detects and prevents identity-based attacks.

Before SlashID, I founded IperLane, a mobile security company that was acquired by CrowdStrike. At CrowdStrike, I served as Senior Director, shipping the Falcon for Mobile product, sourcing and executing the acquisition of Preempt Security (now Falcon Identity Protection), and managing the Falcon Fund cybersecurity venture fund.

My earlier career was dedicated to offensive security research. Together with Ralf-Philipp Weinmann, I won Pwn2Own by demonstrating the first public return-oriented programming exploit on an ARM processor, compromising the iPhone 3GS through Safari. I also co-developed the exploit that defeated BlackBerry OS security at Pwn2Own. I co-authored the iOS Hacker's Handbook (Wiley) alongside Charlie Miller, Dion Blazakis, Dino Dai Zovi, Stefan Esser, and Ralf-Philipp Weinmann.

I've served on the Black Hat Review Board and as an Associate Researcher at the MIT Media Lab. I hold a BS in Computer Engineering from Politecnico di Milano.

I'm also an active angel investor, backing companies across cybersecurity, developer tools, healthcare, and infrastructure.

Fields of Expertise

Identity Security

Detection and prevention of identity-based attacks, federation security, Agentic AI identity, IGA, non-human identities.

Offensive Security & Vulnerability Research

Exploit development, return-oriented programming, browser exploitation, sandbox escapes. Two-time Pwn2Own winner.

Mobile Security

iOS and mobile platform security research, mobile threat defense product development, device exploitation and hardening.

Fuzzing & Program Analysis

Zero-knowledge fuzzing techniques, binary analysis, anomaly detection, and automated vulnerability discovery.

Reverse Engineering

Mach-O binary analysis, in-memory injection, Mac OS X and iOS internals, ARM architecture.

Company Building

Founded two companies (SlashID, IperLane). Executed strategic acquisitions at CrowdStrike including Preempt Security.

Venture & Angel Investing

Active angel investor across cybersecurity, developer tools, healthcare, and infrastructure. Managed the Falcon Fund at CrowdStrike.

Security Policy & Export Controls

Contributed to Wassenaar Arrangement discussions on export controls for surveillance technologies and intrusion software.

Career

CEO & Co-Founder

SlashID

Leading the development of an identity security platform that detects identity-based attacks by ingesting logs from identity providers, cloud platforms, and SaaS applications.

Senior Director

CrowdStrike

Shipped Falcon for Mobile (formerly IperLane). Sourced and executed the acquisition of Preempt Security (now Falcon Identity Protection). Managed the Falcon Fund cybersecurity venture fund in collaboration with Accel.

Founder & CEO

IperLane

Founded a mobile security startup focused on mobile threat defense. Acquired by CrowdStrike.

Director of Security Engineering

Trail of Bits

Led security research and engineering at a leading cybersecurity research and consulting firm providing software assurance and consulting services to government and commercial clients.

Associate Researcher

MIT Media Lab

Conducted research at the intersection of technology and society.

Security Researcher

Independent / Zynamics / Secure Network

Offensive security research focused on Mac OS X, iOS, and mobile platforms. Two-time Pwn2Own winner (iPhone and BlackBerry). Published extensively at Black Hat, CanSecWest, ACM CCS, Microsoft BlueHat, and other top conferences. Contributed to Google Summer of Code (TrustedBSD).

Publications & Writing

Blog

NYDFS 2026 Vishing Advisory: Detection and Defense with SlashID March 2026
Addresses a February 2026 warning about targeted vishing attacks where criminals pose as IT support to harvest credentials and MFA codes, demonstrating how identity telemetry can detect and contain such threats.
Scattered Spider Tradecraft: Identity Abuse, Attack Flow, and Defense January 2026
Examines the identity-centric attack methodology of the Scattered Spider group, analyzing breaches like MGM and Caesars, and outlining defensive strategies against trust-exploitation tactics.
Microsoft Actor Token Forgery November 2025
Reconstructs an attack technique leveraging token manipulation for privilege escalation and lateral movement, mapping it to MITRE ATT&CK frameworks and recommending detection protocols.
Access Tokens Strike Again: The Salesloft Drift Breach September 2025
Details a credential-harvesting campaign exploiting OAuth integrations to access Salesforce systems and extract embedded secrets across connected platforms.
Illicit Consent-Granting & App Backdooring: Obtaining Persistence in Entra August 2025
Technical analysis of silent OAuth injection attacks targeting Entra ID for unauthorized persistence without user knowledge.

Research Papers & Whitepapers

0-Knowledge Fuzzing CMU Software Engineering Institute
A technique for effective fuzzing without prior knowledge of the input format or binary internals.
Let Your Mach-O Fly Black Hat
In-memory Mach-O binary injection technique for Mac OS X enabling anti-forensics and advanced payload delivery.
Surveillance, Software, Security, and Export Controls BIS Technical Advisory Committee — with Thomas Dullien, Mara Tam
Reflections and recommendations for the Wassenaar Arrangement on export controls for surveillance technologies and intrusion software.
Security in the Fifth Domain: Public and Private Partnership Aspenia 62, Journal of the Aspen Institute Italia
Seeing the Invisible: Forensic Uses of Anomaly Detection and Machine Learning ACM — with Stefano Zanero, Federico Maggi

Book

iOS Hacker's Handbook Wiley — with Charlie Miller, Dion Blazakis, Dino Dai Zovi, Stefan Esser, Ralf-Philipp Weinmann
A comprehensive guide to iOS security covering the security architecture, attack surfaces, exploitation techniques, and defense mechanisms of Apple's mobile platform.

Patent

Container Application for Android-Based Devices US10983849B2 — with Giovanni Gola, assigned to CrowdStrike
Secure container technology for isolating and protecting business applications on Android devices without affecting personal data.

Speaking & Conferences

Talks and conference appearances spanning offensive security research, mobile security, identity, and policy.

Also served as Black Hat Review Board Member, helping select and curate conference talks.

Speaker & Panelist EIC (European Identity and Cloud Conference)
Speaker Identiverse
The Case for Scale in Cyber Security Chaos Communication Congress (36C3) — Security Track Keynote How scale has transformed defensive capabilities, the tools, the jobs, and the face of the infosec community.
Locknote Panel Black Hat Asia
You Ain't Seen Nothing Yet: New Paradigms for Policy, Regulation, and Community Engagement ShmooCon — Invited Panel
What You Need to Know About the Changing Regulatory Landscape in Information Security Black Hat Europe — Invited Panel
How to Modernize the EU's Export Control Regime and the Trade in Zero-Day Vulnerabilities European Parliament — Invited Presentation
Is Sharing Caring? TEDx Lake Como On privacy, the dark web, data economics, and why cryptography and anonymous technologies protect civil liberties.
Locknote Panel Black Hat Asia
Mobile Security Roundtable Black Hat USA — Invited Panel
From One Ivory Tower to Another: Wish Listing for Filling the Gaps in Information (In)Security ACM CCS — Invited Talk Bridging the gap between academic security research and real-world application security.
Bringing Nothing to the Party Source Dublin — Keynote
Bringing Nothing to the Party Countermeasures
Webcast: Exploit Trends and Analysis Black Hat
A Sandbox Odyssey Infiltrate Research on application sandbox architectures and escape techniques.
A Sandbox Odyssey Black Hat Europe
A Sandbox Odyssey iSec Partners Open Forum
A Tale of Mobile Threats Black Hat Executive Briefings
Pwn2Own, Bugs and You RIM Security World Implications of bundling open-source software with BlackBerry OS, focusing on WebKit and the Pwn2Own 2011 exploit.
A Tale of Mobile Threats ISSA International Conference
A Tale of Mobile Threats CSAW:THREADS, NYU
A Tale of Mobile Threats OWASP Day Italy
A Tale of Mobile Threats Qualcomm Security Summit
Pwn2Own: Firefox Exploit (Second Place) CanSecWest Compromised the Firefox browser at the Pwn2Own competition.
Pwn2Own: BlackBerry Exploit (Winner) CanSecWest Exploited BlackBerry OS WebKit vulnerabilities to successfully compromise the device.
An Overview of the Mobile Security State of Art European Commission Joint Research Center
Stale Pointers Are the New Black Black Hat DC
Stale Pointers Are the New Black CanSecWest
Macsploitation (Training) Black Hat USA Two-day hands-on course on finding and exploiting vulnerabilities in Mac OS X.
Pwn2Own: iPhone 3GS Exploit (Winner) CanSecWest — with Ralf-Philipp Weinmann First public return-oriented programming exploit on ARM. Compromised iPhone 3GS via Safari, exfiltrating the SMS database.
Everybody Be Cool, This Is a ROPpery Black Hat USA Framework for architecture-independent gadget search in return-oriented programming.
Everybody Be Cool, This Is a ROPpery Microsoft BlueHat
0-Knowledge Fuzzing Black Hat DC Effective fuzzing with zero knowledge of the input format or binary internals.
0-Knowledge Fuzzing CERT Workshop on Vulnerability Discovery
0-Knowledge Fuzzing Black Hat EU
Mac Hacking Class (Training) Black Hat USA Two-day course covering Mac OS X exploitation techniques with lecture and lab sessions.
0-Knowledge Fuzzing CONfidence
Let Your Mach-O Fly Black Hat DC In-memory Mach-O binary injection technique for Mac OS X, enabling anti-forensics and two-stage shellcode injection.
Fun and Games with Mac OS X and iPhone Payloads Black Hat EU — with Charlie Miller Advanced payloads for forensics evasion on Mac OS X and iPhone, including Meterpreter and userland-exec.
Post Exploitation Bliss: Loading Meterpreter on a Factory iPhone Black Hat USA
Post Exploitation Techniques on OSX and iPhone EuSecWest
Mach-O Reversing and Abusing DeepSec Techniques for reversing and abusing the Mach-O binary format on Mac OS X.
Basic Mach Security InfoSecurity Italy
Bluetooth Pin Cracking InfoSecurity Italy
Mach Security SMAU
Come Creare Package su OpenBSD OpenCon

Podcasts & Media

Risky Business: Snake Oilers
Discussing SlashID's platform for detecting identity-based attacks in cloud environments.
Village Global's Venture Stories: Requests for Startups — Cybersecurity
On the cybersecurity startup landscape, securitizing cyber risk, and investment opportunities in the security space.
Mark Leonard's World in 30 Minutes: The End of the World European Council on Foreign Relations
Interview on cybersecurity threats to the global order.

In the News

Recent media coverage and expert commentary on cybersecurity threats and identity security.

March 2026 Dark Reading

Why Stryker's Outage Is a Disaster Recovery Wake-Up Call

Following the Iran-linked cyberattack on medical technology giant Stryker, Vincenzo Iozzo explains why organizations must frequently back up cloud environments and adopt Infrastructure as Code (IaC) practices for faster recovery.

2026 CSO Online

Overly Permissive Guest Settings Put Salesforce Customers at Risk

Vincenzo Iozzo warns that "Salesforce instances often contain highly sensitive customer data, including credentials and secrets that can be used for lateral movement."

2025 MBT Magazine

AI-Generated Phishing Attacks Increase by 14x

Vincenzo Iozzo explains how AI adoption is compressing the response window for defenders: "Breakout times are steadily decreasing, in large part because of AI-assisted offensive operations."

View all media coverage →

Angel Investing

I'm an active angel investor with a focus on cybersecurity, developer infrastructure, healthcare technology, and enterprise software. I am a Network Leader at Village Global and managed the Falcon Fund at CrowdStrike in collaboration with Accel.

Selected investments include:

Contact

LinkedIn @_vincenzoiozzo SlashID Crunchbase Medium Google Scholar YouTube Amazon Author

Vincenzo Iozzo