Billy Hoffman is Field CTO at IONIX, where he works with CISOs and security teams on attack surface discovery, exposure management, and threat intelligence operationalization. He has spent more than two decades in offensive and applied security research, beginning at SPI Dynamics where he led web application security research before the firm was acquired by HP. He subsequently managed HP's Web Security Research Group, then founded Zoompf, a web performance and security startup acquired by Rigor, where he served as CTO. He is co-author of Ajax Security (Addison-Wesley), one of the earliest definitive guides to Web 2.0 application security, and has presented research at Black Hat, RSA Conference, and Shmoocon. He writes on attack surface management, supply chain risk, threat intelligence, and vulnerability research.
Posted by Billy Hoffman
Fara Hain
October 9, 2025
Exposed, Misconfigured and Forgotten: The Triple Threat of External Risk (and how to fix with Cloudflare and IONIX)
Billy Hoffman
April 15, 2025
Prophylactic Cybersecurity for Healthcare
Billy Hoffman
September 16, 2024
Review of the Polyfill Supply Chain Attack – Lessons & Mitigation
Billy Hoffman
April 12, 2024
CVE-2024-3400 – PAN-OS OS Command Injection Vulnerability in GlobalProtect Gateway
Billy Hoffman
March 27, 2024
Operationalizing Threat Intelligence with Attack Surface Management
