As IOActive’s Founder and President, Joshua Pennell has a proven, 19-year track record of creating and growing a multimillion-dollar, independent security services organization. Under Josh’s leadership, IOActive has emerged as one of the world’s leading technical security consultancies based on cutting-edge research and meritocratic governance.
Josh serves on the advisory boards of Source, Vantos, and SiteScout, and is the Chairman of IOActive’s advisory board, which includes luminaries such as Steve Wozniak, Jim Reavis, and Ian Cook. He played an integral role in helping his team win Defcon’s Capture the Flag competition for three consecutive years. He also spent several years revolutionizing the competition’s technology before handing the game over to Kenshoto.
As its CEO, Jennifer Steffens spearheads all aspects of IOActive’s global business operations and drives the company’s strategic vision. Jennifer brings a wealth of industry and business experience to the company, having been an early member of several successful startups.
Earlier in her career, Jennifer was a Director at Sourcefire, where she helped build and grow its run rate from $250K to over $35M in just four years. She helped commercialize the Snort open source intrusion detection and prevention technology and built several service offerings around research initiatives. Prior to joining IOActive, Jennifer came to Seattle to help startup GraniteEdge reinvent itself. While there, she led initiatives to restructure the company and developed a product strategy that ultimately secured two additional rounds of funding. With over ten years of industry experience, Jennifer has held senior management positions at Ubizen, NFR Security, and StillSecure.
Jennifer is a well-respected media source, appearing in InfoSecurity Magazine, SC Magazine, Good Morning America, BBC, Reuters, The Guardian, and CBS News. She has been invited to give keynote presentations at a variety of conferences such as HackInTheBox. Jennifer is a member of EWF, ISSA, and OWASP.
As CTO for IOActive Labs, Cesar Cerrudo leads the team in producing ongoing, cutting-edge research. Cesar manages IOActive’s responsible disclosure process and is the main liaison between IOActive and CERT.
Formerly the founder and CEO of Argeniss Consulting–which was acquired by IOActive–Cesar is a world-renowned security researcher and specialist in application security. Cesar is credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications, including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft Windows, Yahoo! Messenger, and Twitter. He has a record of finding more than 50 vulnerabilities in Microsoft products and more than 20 in Microsoft Windows Operating Systems.
Cesar has authored several white papers on database and application security as well as attacks and exploitation techniques based on his unique research. More recently he’s conducted research on the Internet of Things (IoT) and traffic control systems. He has been invited to present at a variety of companies and conferences, including Black Hat, Bellua, CanSecWest, EuSecWest, WebSec, HITB, Microsoft BlueHat, EkoParty, FRHACK, H2HC, Infiltrate, 8.8, Hackito Ergo Sum, NcN, and Defcon. Cesar collaborates with, and is regularly quoted in, print and online publications.
As IOActive’s Vice President for Information Technology & Security, Will Longman is accountable for safeguarding client and proprietary data as well as provisioning the IT services that support the company’s innovative operations. Will leverages more than 25 years of senior cybersecurity and IT leadership experience including “C-level” positions from across a spectrum of commercial industries and the military to successfully meet these challenges.
Previously at Alaska Airlines, Will has been the security leader at Varolii (now Nuance Communications Outbound), Motricity, Infospace, and Go2Net. He was also President and Founder of Expert Digital Forensics and is a certified forensics examiner. Will has been a vocational teacher for information technology and a Certified Cisco Academy Instructor. Prior to that, he served 21 years in the United States Navy as a submariner, submersible pilot, and diver, retiring as an officer. Will holds a Bachelors Degree in Computer Science and a Certificate in Digital Forensics.
As Vice President of Cyber Operations, Kevin Murphy is responsible for the quality of IOActive’s global customer experience including overall customer satisfaction and quality assurance.
In addition, Kevin oversees IOActive Labs for producing industry-leading security vulnerability research on silicon, embedded systems, SCADA, networks, and applications for the benefit of our customers.
Kevin, is a retired U.S. Air Force intelligence officer and a former Director of Windows Security Architecture with Microsoft Corporation. Additionally, he has held leadership positions with the Boeing Co. and the National Security Agency. Kevin has more than 25 years of experience in intelligence and information security.
He holds the CISM, CISSP, CGEIT security certifications.
Kevin has authored several articles on Advanced Persistent Threats and how to defend against them. In addition, he is a regular speaker for the Secure World Expo and the Law Seminars International Cyber Security Conference.