Office:         MF 6.061 
                        P.O. Box 513, 5600 MB
                        Eindhoven, The Netherlands
        Email:          l.allodi at tue.nl
        PGP fngrprnt:   950E 3DC8 EB66 DFF3 B64D  7848 A0AD 0BB6 5DC4 98F1

Public key here. Curriculum Vitae here.

LinkedIn (hardly updated) at this.
Mastodon (hardly accessed) at @securescientist@fediscience.org.
I am active on BlueSky 🦋 at @securescientist.eu.

I am neither on Facebook nor on Twitter/X. My Twitter handle was @securescientist. Following the demise of reach, pluralism, and reasoned discourse on “X”, I have deactivated and deleted my account effective on 14/12/2024.

More verbosely

I am an Associate Professor at the Security Group of the Eindhoven University of Technology, in the Netherlands. Previously I worked and studied at the University of Trento, Italy, where graduated my PhD in 2015 with a thesis entitled: “Risk-based Vulnerability Management. Exploiting the economic nature of the attacker to build sound and measurable vulnerability mitigation strategies”.

The gist of my research is to link the technical, economic, and strategic factors that drive cyber-attackers to defensive operations and technology. To this aim I investigate the dynamic optimization problems the attacker solves when engineering a new attack, the economics of vulnerability exploitation, how these translate in novel threats at scale, and how these can be ultimately delivered to the (human) user. A newer branch of our work focuses on how to integrate these insights into more effective security defenses. My research draws from several field, including computer security, economics, risk analysis, and criminology.

I am an acknowledged authoring member of the First.org SIG Team for the upcoming CVSS v3.1 framework (the worldwide standard-de-facto for vulnerability assessment), and I am the Scientific Director of the Eindhoven Security Hub SOC (ESH-SOC). Read more about it here and here.