Rocco is a renowned vulnerability researcher in the cybersecurity field, with a breadth of expertise spanning binary analysis, source code review, vulnerability crash analysis, exploitation techniques, and advanced fuzzing. Over his 13-year career, Rocco has enhanced the cybersecurity posture of governments and private sector organizations alike, garnering public recognition for identifying critical security flaws, including remote code execution vulnerabilities in Microsoft Office 2022 and various routers. As Chief Vulnerability Researcher at TECSECURITY LLC, he has spent the past year uncovering high-risk vulnerabilities in widely-deployed products.
Throughout his illustrious career, Rocco has discovered thousands of security vulnerabilities, worked across multiple sectors in three countries, and spearheaded top-secret security assessments. He has served as a security consultant for prestigious Global 1000 organizations such as Microsoft, the Mayo Clinic, Commonwealth Bank of Australia, Nvidia, and BAE Systems Applied Intelligence.
Known for his exceptional stakeholder engagement, project management, and execution, Rocco has a unique ability to intuitively understand and adapt to evolving needs. He was a core member of the world-class cybersecurity group, Corelan Team; a significant contributor to the Rapid7 Metasploit Project; and a security researcher at Trend Micro's Zero Day Initiative, Accenture iDefense, and HackerOne bug bounty programs. Demonstrating his ambition and well-roundedness, Rocco co-founded the Digital Security Research Centre at the Technology Innovation Institute in the UAE, collaborating with the University of Virginia's team to focus on automating vulnerability research in their Cyber Grand Challenge competition.
In 2022, Rocco achieved the 1st place position on the Microsoft Security Response Center's Office Security Researcher Leaderboard. In 2010, he won second prize against international competitors in the global cyber challenge organized by Hackers for Charity. At Panoply's 2013 Security in Government Conference, Rocco emerged victorious against competitors from government, academia, and industry.
Driven by his passion for community engagement and lifelong learning, Rocco has served as a moderator for Exploit-Database (exploitdb.com), managed by Offensive Security; led the Coordinated Disclosure Program at xen1thLabs; and earned public acknowledgments from major tech companies, including Microsoft, Adobe, IBM, NETGEAR, and VideoLAN, for identifying zero-day vulnerabilities.