Matteo Rizzi Security Specialist Officer

Matteo Rizzi, born on September 30, 1998, currently holds the position of Security Administrator at Fondazione Bruno Kessler and serves as a Security Specialist Officer in the Security and Trust unit. His research interests focus on improving TLS analysis and exploring identity management to safeguard their foundation against cyber threats. The main works are related to applying his expertise in risk analysis, red and blue teaming, OSINT, and offensive technologies. He regularly performs penetration tests and implements additional security measures to ensure the safety of FBK infrastructure.

As a Security Specialist Officer, he analyzes the security of TLS deployments and strives to enhance TLS analysis tools. Through his work, he fostered collaborations that encourage the sharing of knowledge in security technologies. He received recognition for his thesis in information security with the colleagues Giada Sciarretta and Salvatore Manfredi, achieving third place in the Premio Tesi - Clusit in Milan.

He has had the privilege of mentoring bright students (high school and undergraduate), guiding them through projects that enhance their understanding of cybersecurity, with a focus on conducting penetration testing and creating educational videos. He has also been involved in lecturing and sharing their career path to inspire others in cybersecurity.

As part of a partnership with Istituto Poligrafico and Zecca dello Stato, he was involved in the development of the European Identity Wallet, with the goal of creating a reliable and secure digital identity management system. He has developed guidelines for Linux hardening in banking environments and made contributions to the Multi-CIE function in the CieID App.

Matteo has a wide range of technical skills, including proficiency in multiple programming languages and a strong understanding of cybersecurity standards. They have a strong passion for threat intelligence and have uncovered significant vulnerabilities in their infrastructure. This has resulted in valuable partnerships with law enforcement agencies.

Looking ahead, Matteo is deeply interested in exploring new solutions and conducting research in the fields of cybersecurity, privacy, forensics, and digital identity, with a strong interest in security protocol analysis, access control, zero-trust and zero-knowledge methods, malware analysis, and AI-powered cybersecurity. Matteo’s goal is to continue contributing to their field and exploring new opportunities that align with their passion for cybersecurity.

Publications

2024

Riccardo Germenia, Salvatore Manfredi, Matteo Rizzi, Giada Sciarretta, Alessandro Tomasi, Silvio Ranise
Automating Compliance for Improving TLS Security Postures: An Assessment of Public Administration Endpoints
In: 21st International Conference on Security and Cryptography (SECRYPT 2024) (DOI, complementary material, news)
Stefano Berlato, Matteo Rizzi, Matteo Franzil, Silvio Cretti, Pietro De Matteis, Roberto Carbone
Work-in-Progress: A Sidecar Proxy for Usable and Performance-Adaptable End-to-End Protection of Communications in Cloud Native Applications
In: 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (OSVS 2024) (DOI)

2022

Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
A Modular and Extensible Framework for Securing TLS
In: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy (CODASPY 2022) (DOI, news)
Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
Demo: TLSAssistant v2 - A Modular and Extensible Framework for Securing TLS
In: Proceedings of the 27th ACM Symposium on Access Control Models and Technologies (SACMAT 2022) (DOI, news)

Theses

Matteo Rizzi (Bachelor's Thesis, University of Trento, 2021)
TLS Analyzers for Android Apps: State-of-the-art Analysis and Integration in TLSAssistant
Supervisor: Silvio Ranise | Co-supervisors: Giada Sciarretta, Salvatore Manfredi
Awards: 3rd place at thesis award "Innovare la sicurezza delle informazioni 2021", sponsored by CLUSIT

Dissemination

2023

September 29, 2023 • General
Salvatore Manfredi, Matteo Rizzi, Giada Sciarretta
Siamo al sicuro? Mettiamoci alla prova! Un viaggio nel mondo della sicurezza informatica
Notte della Ricerca 2023 (Event)

April 14, 2023 • School
Matteo Rizzi, Giada Sciarretta
Cybersecurity: l'esperienza di due giovani professionisti
Liceo Steam International, Rovereto

March 26, 2023 • Specialized
Matteo Rizzi
Know Your Enemy
Workshop for the "Fog and Cloud Computing" Master Course at UniTN

Supervised Theses

2024

Matteo Bregola (Bachelor's Thesis, University of Trento, 2024)
Comprehensive Analysis of Breach and Attack Simulation Tools - A Theoretical and Framework-Driven Assessment of Their Capabilities, Advantages, and Limitations
Supervisor: Silvio Ranise | Co-supervisors: Matteo Rizzi, Salvatore Manfredi, Pietro De Matteis
Filippo De Grandi (Bachelor's Thesis, University of Trento, 2024)
BAS Tools - Implementation of an Attack Pattern to Mimic a Threat Actor
Supervisor: Domenico Siracusa | Co-supervisors: Matteo Rizzi, Salvatore Manfredi, Pietro De Matteis
Alessandro Fontana (Bachelor's Thesis, University of Trento, 2024)
Rilevamento Automatico di Vulnerabilità TLS su iOS e Android
Supervisor: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Matteo Rizzi

2023

Sara Sorrentino (Bachelor's Thesis, University of Trento, 2023)
Use of Gamification for Effective Cybersecurity Awareness Programs: Study and Design of a Novel Framework
Supervisor: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Matteo Rizzi
Riccardo Germenia (Bachelor's Thesis, University of Trento, 2023)
A Module to Evaluate the Security Compliance of TLS Deployments: Design and Implementation of a Mechanized Methodology
Supervisor: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Matteo Rizzi

Contacts

Links