Cristofaro Mune is an independent product security consultant, providing expert advice for design, development, and integration of secure products and solutions. He also performs device-level security testing by means of advanced SW and HW techniques
He has more than 15 years of experience in assessing HW and SW security in complex ecosystems, encompassing networks, IoT devices, and highly secure products, ranging from fully SW-based to purely HW-based solutions He has wide experience in security testing of embedded devices, in environments where high assurance is required. His expertise in Critical Infrastructures covers the Telecommunication sector, where he has been part of Security Operation Centers and Emergency Response teams, as well as the Energy sector, where he has performed ecosystem-level threat analysis and device-level penetration testing.
As a researcher, he has presented works at major security conferences such as Black Hat, Microsoft BlueHat, Hardweasio, EuskalHack CONFidence, Syscan, WarCons Topics covered Escalation of Linux privileges via Fault Injection, Secure initialization of TEEs, advanced White-lBox cryptography attacks, exploitation of embedded devices, mobile security He is also a co-author of Academic papers on White-Box cryptography and Fault Injection attacks