# Vincenzo Iozzo

> CEO & Co-Founder of SlashID. Cybersecurity leader, entrepreneur, investor, and researcher.

## About

Vincenzo Iozzo is the CEO and Co-Founder of SlashID, a developer-first identity security platform that detects and prevents identity-based attacks across cloud environments. He previously founded IperLane, a mobile security company acquired by CrowdStrike. At CrowdStrike, he served as Senior Director, shipping Falcon for Mobile, executing the acquisition of Preempt Security (now Falcon Identity Protection), and managing the Falcon Fund cybersecurity venture fund in collaboration with Accel.

His earlier career was dedicated to offensive security research. He won Pwn2Own twice: first by demonstrating the first public return-oriented programming exploit on ARM (compromising an iPhone 3GS via Safari with Ralf-Philipp Weinmann), and then by defeating BlackBerry OS security. He co-authored the iOS Hacker's Handbook (Wiley) with Charlie Miller, Dion Blazakis, Dino Dai Zovi, Stefan Esser, and Ralf-Philipp Weinmann.

He has served on the Black Hat Review Board, as an Associate Researcher at the MIT Media Lab, and as a Network Leader at Village Global. He holds a BS in Computer Engineering from Politecnico di Milano. He is an active angel investor backing companies across cybersecurity, developer tools, healthcare, and infrastructure.

## Fields of Expertise

- Identity Security — Detection and prevention of identity-based attacks, federation security, OAuth/OIDC, non-human identities.
- Offensive Security & Vulnerability Research — Exploit development, return-oriented programming, browser exploitation, sandbox escapes. Two-time Pwn2Own winner.
- Mobile Security — iOS and mobile platform security research, mobile threat defense product development, device exploitation and hardening.
- Fuzzing & Program Analysis — Zero-knowledge fuzzing techniques, binary analysis, anomaly detection, automated vulnerability discovery.
- Reverse Engineering — Mach-O binary analysis, in-memory injection, Mac OS X and iOS internals, ARM architecture.
- Company Building & M&A — Founded two companies (SlashID, IperLane). Executed strategic acquisitions at CrowdStrike including Preempt Security.
- Venture & Angel Investing — Active angel investor across cybersecurity, developer tools, healthcare, and infrastructure. Managed the Falcon Fund at CrowdStrike.
- Security Policy & Export Controls — Contributed to Wassenaar Arrangement discussions on export controls for surveillance technologies and intrusion software.

## Career

- CEO & Co-Founder at SlashID
- Senior Director at CrowdStrike
- Founder & CEO at IperLane (acquired by CrowdStrike)
- Director of Security Engineering at Trail of Bits
- Associate Researcher at MIT Media Lab
- Security Researcher (Independent / Zynamics / Secure Network)

## Speaking & Conferences

Black Hat Review Board Member.

- Speaker & Panelist, EIC (European Identity and Cloud Conference), 2025
- Speaker, Identiverse, 2025
- The Case for Scale in Cyber Security, Chaos Communication Congress (36C3) Security Track Keynote, 2019 — How scale has transformed defensive capabilities and the infosec community.
- Locknote Panel, Black Hat Asia, 2016
- You Ain't Seen Nothing Yet: New Paradigms for Policy, Regulation, and Community Engagement, ShmooCon, 2016
- What You Need to Know About the Changing Regulatory Landscape in Information Security, Black Hat Europe, 2015
- How to Modernize the EU's Export Control Regime and the Trade in Zero-Day Vulnerabilities, European Parliament, 2015
- Is Sharing Caring?, TEDx Lake Como, 2015 — On privacy, the dark web, data economics, and why cryptography and anonymous technologies protect civil liberties.
- Locknote Panel, Black Hat Asia, 2015
- Mobile Security Roundtable, Black Hat USA, 2014
- From One Ivory Tower to Another, ACM CCS Invited Talk, 2013 — Bridging the gap between academic security research and real-world application security.
- Bringing Nothing to the Party, Source Dublin (Keynote), 2013
- Bringing Nothing to the Party, Countermeasures, 2013
- Webcast: Exploit Trends and Analysis, Black Hat, 2013
- A Sandbox Odyssey, Infiltrate, 2012 — Research on application sandbox architectures and escape techniques.
- A Sandbox Odyssey, Black Hat Europe, 2012
- A Sandbox Odyssey, iSec Partners Open Forum, 2012
- A Tale of Mobile Threats, Black Hat Executive Briefings, 2012
- Pwn2Own, Bugs and You, RIM Security World, 2012
- A Tale of Mobile Threats, ISSA International Conference, 2012
- A Tale of Mobile Threats, CSAW:THREADS (NYU), 2012
- A Tale of Mobile Threats, OWASP Day Italy, 2012
- A Tale of Mobile Threats, Qualcomm Security Summit, 2012
- Pwn2Own: Firefox Exploit (Second Place), CanSecWest, 2012
- Pwn2Own: BlackBerry Exploit (Winner), CanSecWest, 2011 — Exploited BlackBerry OS WebKit vulnerabilities.
- An Overview of the Mobile Security State of Art, European Commission Joint Research Center, 2011
- Stale Pointers Are the New Black, Black Hat DC, 2011
- Stale Pointers Are the New Black, CanSecWest, 2011
- Macsploitation (Training), Black Hat USA, 2011 — Two-day hands-on course on Mac OS X exploitation.
- Pwn2Own: iPhone 3GS Exploit (Winner), CanSecWest, 2010 (with Ralf-Philipp Weinmann) — First public ROP exploit on ARM.
- Everybody Be Cool, This Is a ROPpery, Microsoft BlueHat, 2010 — Architecture-independent gadget search for ROP.
- Everybody Be Cool, This Is a ROPpery, Black Hat USA, 2010
- 0-Knowledge Fuzzing, Black Hat DC, 2010
- 0-Knowledge Fuzzing, CERT Workshop on Vulnerability Discovery, 2010
- 0-Knowledge Fuzzing, Black Hat EU, 2010
- Mac Hacking Class (Training), Black Hat USA, 2010 — Two-day course on Mac OS X exploitation techniques.
- 0-Knowledge Fuzzing, CONfidence, 2010
- Post Exploitation Bliss: Loading Meterpreter on a Factory iPhone, Black Hat USA, 2009
- Let Your Mach-O Fly, Black Hat DC, 2009 — In-memory Mach-O binary injection for Mac OS X.
- Fun and Games with Mac OS X and iPhone Payloads, Black Hat EU, 2009 (with Charlie Miller) — Meterpreter and userland-exec payloads.
- Post Exploitation Techniques on OSX and iPhone, EuSecWest, 2009
- Mach-O Reversing and Abusing, DeepSec, 2008
- Basic Mach Security, InfoSecurity Italy, 2008
- Bluetooth Pin Cracking, InfoSecurity Italy, 2007
- Mach Security, SMAU, 2007
- Come Creare Package su OpenBSD, OpenCon, 2004

## Publications & Writing

### Book

- iOS Hacker's Handbook, Wiley — with Charlie Miller, Dion Blazakis, Dino Dai Zovi, Stefan Esser, Ralf-Philipp Weinmann

### Research Papers

- 0-Knowledge Fuzzing, CMU Software Engineering Institute
- Let Your Mach-O Fly, Black Hat
- Surveillance, Software, Security, and Export Controls, BIS Technical Advisory Committee — with Thomas Dullien, Mara Tam
- Security in the Fifth Domain: Public and Private Partnership, Aspenia 62, Journal of the Aspen Institute Italia
- Seeing the Invisible: Forensic Uses of Anomaly Detection and Machine Learning, ACM — with Stefano Zanero, Federico Maggi

### Patent

- Container Application for Android-Based Devices (US10983849B2) — with Giovanni Gola, assigned to CrowdStrike

### Blog (SlashID)

- NYDFS 2026 Vishing Advisory: Detection and Defense with SlashID, March 2026 — https://www.slashid.dev/blog/nydfs-vishing-guidance — Addresses targeted vishing attacks where criminals pose as IT support to harvest credentials and MFA codes.
- Scattered Spider Tradecraft: Identity Abuse, Attack Flow, and Defense, January 2026 — https://www.slashid.dev/blog/scattered-spider-tradecraft — Examines identity-centric attack methodology of Scattered Spider group, analyzing breaches like MGM and Caesars.
- Microsoft Actor Token Forgery, November 2025 — https://www.slashid.dev/blog/actor-token-forgery-overview — Reconstructs attack technique leveraging token manipulation for privilege escalation and lateral movement.
- Access Tokens Strike Again: The Salesloft Drift Breach, September 2025 — https://www.slashid.dev/blog/salesloft-drift-breach — Credential-harvesting campaign exploiting OAuth integrations to access Salesforce systems.
- Illicit Consent-Granting & App Backdooring: Obtaining Persistence in Entra, August 2025 — https://www.slashid.dev/blog/entra-app-backdooring — Technical analysis of silent OAuth injection attacks targeting Entra ID.
- Achieving Least Privilege: Unused Entitlement Removal
- Protecting Against Malicious OAuth 2.0 Applications
- Identity Security: The Problem(s) with Federation
- Non-Human Identities Security: Breaking Down the Problem

## Podcasts & Media

- Risky Business: Snake Oilers — On SlashID's identity attack detection platform.
- Village Global's Venture Stories: Requests for Startups — Cybersecurity
- Mark Leonard's World in 30 Minutes: The End of the World, European Council on Foreign Relations

## Angel Investing

Network Leader at Village Global. Former manager of Falcon Fund at CrowdStrike in collaboration with Accel.
Portfolio companies include:

- Immersive Labs — Cybersecurity workforce resilience platform
- Pulley — Cap table and equity management for startups
- Modal Labs — Cloud infrastructure for AI and data workloads
- Stoik — Cyber Insurance
- XP Health — AI-powered vision benefits platform
- Optymize — Continuous profiling for cloud-cost optimization

## In the News (Selected Media Coverage)

- Why Stryker's Outage Is a Disaster Recovery Wake-Up Call, Dark Reading, March 2026 — https://www.darkreading.com/cybersecurity-operations/stryker-outage-disaster-recovery-wake-up-call
- Iranian Hacktivists Claim Attack on US Stryker, Information Security Buzz, March 2026 — https://informationsecuritybuzz.com/iranian-hacktivists-claim-attack-on-us-stryker/
- Overly Permissive Guest Settings Put Salesforce Customers at Risk, CSO Online, 2026 — https://www.csoonline.com/article/4143667/overly-permissive-guest-settings-put-salesforce-customers-at-risk.html
- AI-Generated Phishing Attacks Increase by 14x, MBT Magazine, 2025 — https://www.mbtmag.com/cybersecurity/article/22962434/aigenerated-phishing-attacks-increase-by-14x

## Links

- Website: https://vincenzoiozzo.com
- Newsroom: https://vincenzoiozzo.com/newsroom.html
- LinkedIn: https://www.linkedin.com/in/vincenzoiozzo/
- X/Twitter: https://x.com/_vincenzoiozzo
- SlashID: https://www.slashid.dev
- Crunchbase: https://www.crunchbase.com/person/vincenzo-iozzo
- Goodreads: https://www.goodreads.com/author/show/5366115.Vincenzo_Iozzo