Vito Rallo

Vito Rallo

Cybersecurity Executive | Managing Director | AI Security

Contact

+32 473 112830
vito.rallo@gmail.com
(me@vitorallo.com)
LinkedIn Profile
Medium Blog

Expertise

  • Go-to-market
  • Practice development
  • P&L
  • Business development
  • Board advisory
  • Red Teaming
  • Threat Informed Defense
  • AI Security
  • Incident Response
  • Threat Hunting
  • OT/ICS (IEC 62443)
  • Cloud & App Security
  • SecOps
  • AI DevOps
  • Security as Code
  • CTI automation

Industries

  • Finance & Fintech
  • Critical Infrastructure (Energy, TSOs, Oil & Gas)
  • Public Sector
  • Technology

Languages

Englishfluent
Italiannative
Frenchgood
Dutchbasic
Profile

25 years in cybersecurity. Started as an ethical hacker, spent the last decade in leadership roles: Managing Director at Kroll and Crimson7, now Consult Partner for Security & Resilience at Kyndryl BeNeLux.

I've run offensive and definsive secuirty consulting business, built teams, opened new markets, and shaped-built service offerings across EMEA. The technical background is key to speak the languange of CISOs as well I can relate with C-level and boards on risk, close complex deals, understanding complex architecture and provide the right solutions while speaking directly with secuirity officers and engineers.

Currently, I have a strong focus on AI security and, particularly on Security for Agentic systems. Threat-informed defense has been my driver for the last 2 years, helping financial clients improving their Security Operations, with continuos validation, Purple Teaming, Detection Engineering and Threat Hunting provided as managed services.

Executive Experience

Kyndryl - Consult Partner, Security & Resilience BeNeLux

Own Security and Resilience services for BeNeLux. Handle go-to-market, client relationships, and partner development. Also working as the firm's AI Security specialist, advising on agentic systems.

Crimson7 - Founder & Managing Director

Started a Threat Research Lab with a deep knowledge matured by the team in the previous Kroll experience. Full P&L, commercial strategy, HR hiring, business development/GTM and marketing, partnerships management. Brought to market a continuous Purple Team service (Purple Rain) and a threat hunting platform.

Kroll - Managing Director, EMEA Proactive Services & Global Red Team

Ran proactive cybersecurity services for EMEA. Global responsible for Red Team strategy and service design, delivery. Cyber strategy expert. Country Manager for Belgium, set up the Brussels office, hired the team. Split time between Brussels and London HQ.

PwC - Director, Offensive Security & Incident Response

Joined as Senior Manager, made to Director. As Director, I Led offensive security and incident response for PwC Belgium and Europe. Built cross-border teams, developed new services, served as EMEA subject matter expert for OT security. Worked with central banks on TIBER-BE and NL frameworks.

IBM - Team Leader & Senior Engineer, X-Force RED

Technical foundation. Ethical hacker in IBM's X-Force RED, grew into team leadership. Mix of hands-on work and client management.

Early Career - Founder & Technical Specialist

Founded MEDIALAB (consulting, 1999-2005). Network/Wireless specialist at 2Bite. Researcher at Telecom Italia.

Key Achievements
  • Crimson7 - Founded, and brought to market with a successful exit. Built the team, closed relevant partnerships, sold and delivered services. The Purple Team offering (Purple Rain) was the flagship product together with 7hunter, a threat hunting platform I designed.
  • Kroll Belgium - Set up the entity, served as Country Manager, built the local Red Team while also covering EMEA proactive delivery and global Red Team strategy.
  • VLAIO funding - Access to R&D funding for development of HackerFlow, a Purple Team SaaS platform. I designed the entire platform and successfully applied for the grant.
  • TIBER frameworks - Helped design TIBER-NL and TIBER-BE with DNB and NBB. Delivered the first prototype tests for regulated financial institutions.
  • Board programs - Created interactive "hacking experience" sessions for C-level and board audiences. Turns technical risk into something executives actually understand.
  • ThiA patent - Designed and patented hardware-based forensic acquisition tools at PwC.
  • Peach Studio - Current side project. Built threat profiling agents (on Apify marketplace), working on AI security tooling and automation.
  • Security tools - IronVeil (identity scanner for AD/Entra), 7hunter (threat hunting with MS Sentinel integration), various MCP server integrations.

Public Github: https://github.com/vitorallo

Education & Credentials
  • Master of Technology - Networking for Enterprise and Carriers (Telecom Italia)
  • Master's Degree (BS+5), Computer Science - University of L'Aquila, Italy
  • AWS Certified Solutions Architect - Associate
  • GIAC GWAPT | SEC575 Mobile Device Security | CEH
  • Cisco CCNP/CCIP
  • NATO Secret Clearance (expired)