Vito Rallo
Curriculum Vitae

Vito Rallo

Cybersecurity Expert/Red Team Global Head/AI Security Researcher

01

Profile

25 years in cybersecurity. Started as an ethical hacker, now leading Kyndryl's Security & Resilience practice for BeNeLux. I previously worked as Managing Director at Kroll (Global Head of Red Team) and ran the Crimson7 Threat Research Lab with focus on Attack Simulation research.

Background spans Red Teaming, OT/IoT security, Threat Informed Defense, and Incident Response. Worked across finance, fintech, public sector, and critical infrastructure.

Current focus: AI-powered attack simulation, weaponising AI for vulnerability hunting, and AI agentic security. Also AI automation and Security as Code. Threat Intelligence used to lead Attack Simulations.

02

Experience

Kyndryl · Consult Partner

Leading for Security and Resilience services in BeNeLux. Responsible for developing the market, adapting services, and advising clients on AI security for agentic systems.

Peach Studio · Founder

Founded an AI prototyping and creative lab. We build products with AI at the core: autonomous agents, edge-AI security tooling, and developer tools. The flagship is Foil, an on-device AI code security scanner for Apple Silicon.

Crimson7 · Managing Director

Built the business from scratch. Handled managed services development, research, marketing, client and partner relationships. Launched a continuous Purple Team service and built solutions for Threat Hunting, Threat Informed Defense, and Security Operations.

Kroll · Managing Director

Led proactive services for EMEA and owned Red Team service design and delivery as Managing Director. Country Manager for Belgium.

PwC · Director

Offensive Security lead (ethical hacking), EMEA SME, Incident Response team lead. Delivered for PwC Belgium and PwC Europe. Joined as Senior Manager, promoted to Director.

IBM · Senior Engineer/Team Leader/Ethical Hacker

Technical foundation in IBM X-Force RED. Worked as ethical hacker, product specialist, and team lead.

Early Career · Telecom Italia, 2Bite, MEDIALAB

Founded MEDIALAB (consulting, 1999-2005). Network Engineer and Wireless Specialist at 2Bite (2003-2005). Researcher at Telecom Italia (2006).

03

Achievements

  • Foil (foil.peachstudio.be) - Built and published through Peach Studio, my AI prototyping lab. Foil is a local-LLM code security scanner for Mac (Apple Silicon) that weaponises AI for vulnerability hunting, shipping with a custom 7B model fine-tuned for code vulnerability analysis, code never leaves the machine. Found several vulnerabilities through this work, now pending CVEs under embargo. Also built threat profiling agents on the Apify marketplace, MacFrame (mainframe emulators for macOS), and MCP servers for various integrations. Run the first Claude Code Skills marketplace in Belgium.
  • AI attack simulation - Building attack simulation tooling driven by AI and LLMs, replicating adversary TTPs through agentic workflows.
  • Training - Author of "Attack Simulation Tools with Claude Code", a hands-on training on building offensive security tooling with AI coding agents.
  • Crimson7 - Co-founded with a team of security experts. The lab replicates advanced attack techniques to provide intelligence and detection engineering. Designed Purple Rain (continuous Purple Team service) and authored IronVeil (identity scanner for AD/Entra) and 7hunter (threat hunting platform with MS Sentinel integration).
  • Kroll Europe - Set up the Brussels entity, hired the team, served as Country Manager while also covering EMEA proactive and working between Brussels and London HQ.
  • PwC - Built OT security capabilities, led incident response projects, served as Europe-level SME for OT IR. Designed and patented ThiA (hardware-based forensic acquisition). Helped design TIBER-NL and TIBER-BE with NBB and DNB, including delivery of the first prototype tests.
  • C-level programs - Created interactive board awareness sessions ("the hacking experience").
  • VLAIO funding - Won public funding for HackerFlow, a Purple Team SaaS platform.

github.com/vitorallo

04

Speaking and Community

Speaker at BruCON, hardwear.io, and BSides. Trainer at BruCON.

Maintainer of several open source security projects.

05

Specialization

Red Teaming, Threat EmulationAI-powered Attack SimulationAI for Vulnerability HuntingIR & Threat Hunting (IT/OT)AI Security & Agentic SystemsAI DevOps (Claude Code)Cyber Threat Intelligence/AutomationSecurity Operations (SecOps)Cloud, Application & Mobile SecurityOT/ICS Security (IEC 62443)AppSec & Security as CodeSovereign cloudCompliance & Risk Management
06

Industries

Finance and fintechTSOs, Energy, oil and gasCritical infrastructurePublic sectorIT/Cloud/Infrastructure security

Regulatory NIS2, IEC 62443, NIST, CRA, GDPR

07

Education

  • Post-university Master of Technology - Networking for Enterprise and Carriers (Telecom Italia)
  • Master's degree (BS+5), Computer Science - University of L'Aquila (Italy)
  • SEC575: Mobile Device Security | CEH | GIAC GWAPT
  • Cisco CCNP/CCIP
  • AWS Certified Solutions Architect - Associate (2018)
  • NATO Secret Clearance (expired)
08

Languages

Englishfluent
Italiannative
Frenchgood
Dutchbasic