Joshua Pennell

Founder and President

Joshua Pennell

As IOActive’s Founder and President, Joshua Pennell has a proven, 19-year track record of creating and growing a multimillion-dollar, independent security services organization. Under Josh’s leadership, IOActive has emerged as one of the world’s leading technical security consultancies based on cutting-edge research and meritocratic governance.

Josh serves on the advisory boards of Source, Vantos, and SiteScout, and is the Chairman of IOActive’s advisory board, which includes luminaries such as Steve Wozniak, Jim Reavis, and Ian Cook. He played an integral role in helping his team win Defcon’s Capture the Flag competition for three consecutive years. He also spent several years revolutionizing the competition’s technology before handing the game over to Kenshoto.

Visit Joshua’s LinkedIn Profile

Joshua Pennell

Jennifer Steffens

Chief Executive Officer

Jennifer Steffens

As its CEO, Jennifer Steffens spearheads all aspects of IOActive’s global business operations and drives the company’s strategic vision. Jennifer brings a wealth of industry and business experience to the company, having been an early member of several successful startups.

Earlier in her career, Jennifer was a Director at Sourcefire, where she helped build and grow its run rate from $250K to over $35M in just four years. She helped commercialize the Snort open source intrusion detection and prevention technology and built several service offerings around research initiatives. Prior to joining IOActive, Jennifer came to Seattle to help startup GraniteEdge reinvent itself. While there, she led initiatives to restructure the company and developed a product strategy that ultimately secured two additional rounds of funding. With over ten years of industry experience, Jennifer has held senior management positions at Ubizen, NFR Security, and StillSecure.

Jennifer is a well-respected media source, appearing in InfoSecurity Magazine, SC Magazine, Good Morning America, BBC, Reuters, The Guardian, and CBS News. She has been invited to give keynote presentations at a variety of conferences such as HackInTheBox. Jennifer is a member of EWF, ISSA, and OWASP.

Visit Jennifer’s LinkedIn Profile

 

Cesar Cerrudo

Chief Technology Officer

Cesar Cerrudo

As CTO for IOActive Labs, Cesar Cerrudo leads the team in producing ongoing, cutting-edge research. Cesar manages IOActive’s responsible disclosure process and is the main liaison between IOActive and CERT.

Formerly the founder and CEO of Argeniss Consulting–which was acquired by IOActive–Cesar is a world-renowned security researcher and specialist in application security. Cesar is credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications, including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft Windows, Yahoo! Messenger, and Twitter. He has a record of finding more than 50 vulnerabilities in Microsoft products and more than 20 in Microsoft Windows Operating Systems.

Cesar has authored several white papers on database and application security as well as attacks and exploitation techniques based on his unique research. More recently he’s conducted research on the Internet of Things (IoT) and traffic control systems. He has been invited to present at a variety of companies and conferences, including Black Hat, Bellua, CanSecWest, EuSecWest, WebSec, HITB, Microsoft BlueHat, EkoParty, FRHACK, H2HC, Infiltrate, 8.8, Hackito Ergo Sum, NcN, and Defcon. Cesar collaborates with, and is regularly quoted in, print and online publications.

Visit Cesar’s LinkedIn Profile

Cesar Cerrudo

Will Longman

Vice President, IT & Security

Will Longman

As IOActive’s Vice President for Information Technology & Security, Will Longman is accountable for safeguarding client and proprietary data as well as provisioning the IT services that support the company’s innovative operations. Will leverages more than 25 years of senior cybersecurity and IT leadership experience including “C-level” positions from across a spectrum of commercial industries and the military to successfully meet these challenges.

Previously at Alaska Airlines, Will has been the security leader at Varolii (now Nuance Communications Outbound), Motricity, Infospace, and Go2Net. He was also President and Founder of  Expert Digital Forensics and is a certified forensics examiner. Will has been a vocational teacher for information technology and a Certified Cisco Academy Instructor. Prior to that, he served 21 years in the United States Navy as a submariner, submersible pilot, and diver, retiring as an officer. Will holds a Bachelors Degree in Computer Science and a Certificate in Digital Forensics.

Visit Will’s LinkedIn Profile

 

Kevin Murphy

Vice President, Cyber Operations

Kevin Murphy

As Vice President of Cyber Operations, Kevin Murphy is responsible for the quality of IOActive’s global customer experience including overall customer satisfaction and quality assurance. 

In addition, Kevin oversees IOActive Labs for producing industry-leading security vulnerability research on silicon, embedded systems, SCADA, networks, and applications for the benefit of our customers.

Kevin, is a retired U.S. Air Force intelligence officer and a former Director of Windows Security Architecture with Microsoft Corporation. Additionally, he has held leadership positions with the Boeing Co. and the National Security Agency. Kevin has more than 25 years of experience in intelligence and information security.

He holds the CISM, CISSP, CGEIT security certifications.

Kevin has authored several articles on Advanced Persistent Threats and how to defend against them. In addition, he is a regular speaker for the Secure World Expo and the Law Seminars International Cyber Security Conference.

Visit Kevin’s LinkedIn Profile

Kevin Murphy