Founder and President
As IOActive's Founder and President, Joshua
Pennell, enjoys a proven, 14-year entrepreneurial track record of
creating and maintaining a multimillion-dollar, customer-focused,
independent, global security services organization. Through Pennell's
leadership, IOActive has emerged as one of the world's longest
standing, highly technical boutique security consultancies with a
history based on cutting-edge research and meritocratic governance.
Pennell serves on the advisory boards of Source,
Vantos, and SiteScout. Pennell is also the Chairman of IOActive's
advisory board, which includes computer industry venerables such as
Steve Wozniak, Jim Reavis, and Jason Larsen. In years past, Pennell
played an integral role in helping his team win Defcon's Capture the
Flag competition for three consecutive years. He also spent several
years technically revolutionizing the competition before handing the
game over to Kenshoto.
Pennell enjoys riding his bicycle in London while
thinking of innovative ways to reduce IOActive customers' security
risks through pragmatic application of security best practices. If
you enjoy what you do for a living, you'll never work another day in
Visit Mr. Pennell's LinkedIn
Chief Executive Officer
As its CEO, Jennifer Steffens is responsible for
all aspects of IOActive's global business operations including sales,
delivery, and finance as well as driving the company's strategic
vision. Steffens brings a wealth of industry and business experience to
the company, having been an early member of several successful startups.
Earlier in her career, Steffens was a Director at
Sourcefire, where she helped build and grow the business from $250K to
an over $35M run rate in just four years. Working closely with the CTO,
Steffens helped commercialize the open source Snort technology and
build several service offerings around the research initiatives. Prior
to joining IOActive, she came to Seattle to help the struggling startup
GraniteEdge reinvent itself. She spearheaded initiatives to restructure
the company and developed a product strategy to drive early market
penetration that ultimately secured two additional rounds of funding.
With over 10 years of industry experience,
Steffens has also held senior management positions at Ubizen, NFR
Security, and StillSecure. She graduated from Mary Washington
University with a Bachelor of Science in Psychology.
Visit Ms. Steffens' LinkedIn
CTO IOActive Labs
Cesar Cerrudo is CTO at IOActive Labs, where he
leads the team in producing ongoing cutting-edge research in the areas
of SCADA, mobile device, application security, and more. Formerly the
founder and CEO of Argeniss Consulting - which was acquired by IOActive
- Cesar is a world-renowned security researcher and specialist in
Throughout his career, Cesar is credited with
discovering and helping to eliminate dozens of vulnerabilities in
leading applications including Microsoft SQL Server, Oracle database
server, IBM DB2, Microsoft BizTalk Server, Microsoft Commerce Server,
Microsoft Windows, and Yahoo! Messenger. Cesar also has authored
several white papers on database and application security, and attacks
and exploitation techniques. He has been invited to present at a
variety of companies and conferences including Microsoft, Black Hat,
Bellua, CanSecWest, EuSecWest, WebSec, HITB, Microsoft BlueHat,
EkoParty, FRHACK, H2HC, and Defcon. Cesar collaborates with and is
regularly quoted in print and online publications including eWeek,
ComputerWorld, and other leading journals.
Visit Mr. Cerrudo's LinkedIn
Vice President of Services
As Vice President of Services, James is
responsible and accountable for ensuring high levels of customer
satisfaction and quality delivery for consulting engagements.
James Crimens is a seasoned security and services
professional, bringing over 15 years of experience in influencing
strategic direction, business planning, and execution to IOActive.
Prior to joining IOActive, James served as a principal at JG Crimens
& Associates and Director of Security & Privacy
Services for Deloitte & Touche, where he was instrumental in
building the global Oracle security practice and the Deloitte India
Security & Privacy Services practice.
Prior to his tenure at Deloitte, James served with
the Information Risk Management practice at KPMG and the Information
Technology Management team at Washington Group International.
James is a subject matter expert in areas such as
Information Security, Risk Management, IT Governance, Identity and
Access Management, and Corporate IT Strategy. His past engagements have
spanned IT strategy, business optimization, risk management, cloud
computing, identity management, operations, and enterprise security
Visit Mr. Crimens' LinkedIn
Vice President of Business Development and Sales
IOActive’s Vice President of Business Development and Sales, Matt
Rahman plays a crucial role in expanding IOActive’s international
footprint, while positioning the company as the worldwide premier
high-end services company.
A veteran of the industry, Rahman has spent the last 19-years in
various executive roles in security software and services firms,
helping companies grow from less than $10 million to over $120 million.
Prior to joining IOActive, Rahman was Senior Director of Business
Development and Strategic Alliances for Damballa where he built and led
strategic alliances and business development focused on driving top
line revenue through Communication Service Providers (CSP), MSPs and
technology alliances. Before joining Damballa, Rahman was Corporate and
Business Development executive at Solutionary and Technology Executive
at IBM Internet Security Systems (ISS). Rahman gained early management
experience while working for KPMG, BellSouth, UUnet/MCI, NetSec and
Rahman holds an MBA, BS, CISSP, CISM and ITIL degrees and
certifications. He serves on several boards as an officer including
Aunigma, InfraGard and SEERN, and a contributing member at Cloud
Security Alliance (CSA), ISSA, and HTCA. In his spare time Rahman is an
Information Security adjunct professor at ITT Tech.
Visit Mr. Rahman's' LinkedIn
Vice President of Marketing
As IOActive’s Vice
President of Marketing, Karen Howe will lead efforts to drive strategic
growth oriented marketing programs on a worldwide basis aimed at demand
creation, market communications, and sales enablement for the company.
Howe leads strategic thinking regarding integrated marketing efforts,
as well as the brand activation strategy including analyst relations,
sponsorships, PR, and events.
Howe is a seasoned business
leader and marketing veteran with more than 20 years’ experience
working with multimedia and Internet technologies. Prior to joining
IOActive, Howe was a director of marketing for Microsoft within
Microsoft Research, vice president and GM at AOL, CEO of Technicolor
subsidiary Singingfish, vice president of marketing for Mindbloom,
Stamps.com, and 2WAY Corp.
Other career highlights include
11 years with Adobe Systems and Aldus Corp., where she helped launch
the desktop publishing category and established the company's
Australian subsidiary. She’s won two WEBBY awards and two audio/video
Howe received her B.A from Whitman College in Walla Walla, Washington.
Visit Ms. Howe's LinkedIn