Security Research & Engineering

Mathew Solnik

Security researcher, engineering leader, and CISO. Twenty years across AI, mobile, cellular, blockchain, and embedded systems — building enterprise security programs and publishing original research.

Now Head of Security Engineering & Field CISO, WitnessAI Also Founder, OffCell Research Based Dallas, TX

§01 — Public Research

Selected work, made public.

2016

Demystifying the Secure Enclave Processor

Black Hat USA 2016 →

The first public deep technical analysis of Apple's Secure Enclave Processor (SEP) and SEPOS — the hardware-isolated security coprocessor deployed in every iPhone since the 5S. Covered SEP hardware design, boot process, SEPOS kernel and architecture, the iOS-to-SEP mailbox protocol, and the SEP attack surface — establishing the public baseline for SEP security research.

2014

Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol

Black Hat USA · Europe · Breakpoint →

A critical set of over-the-air cellular vulnerabilities affecting devices across every major mobile platform. Developed OTA exploits including a full remote iOS jailbreak, a blind Android lock-screen bypass, and complete remote code execution on Android.

2011

Blackbox Android: Breaking Enterprise-Class Applications and Secure Containers

Hack in the Box KUL · OWASP AppSec →

Research into “enterprise class” Android applications and “secure containers” — products widely marketed to protect sensitive corporate information on mobile devices. Covered the threat model for Android in the enterprise, what secure containers actually defended against, and assessment techniques for evaluating these vendors against real-world threats.

2011

First publicly demonstrated over-the-air car hack

Contributing research · Black Hat USA 2011 (War Texting)

Remote compromise of an automotive system over the air; followed in 2013 with OTA automotive vulnerabilities enabling remote manipulation and stopping of a moving vehicle.

§02 — Career

Where the work has happened.

WitnessAI

Head of Security Engineering & Field CISO

Now

OffCell Research

Founder & CEO

Now

Sundance Square

Interim CIO

Bitoken

Co-Founder & CSO

Azimuth Security

Senior Security Researcher

Accuvant LABS

Principal Security Consultant, Applied Research

Appthority

Senior Member of Technical Staff

iSEC Partners

Information Security Consultant

IronKey

Special Projects Research Engineer

§03 — Patents

Patents & applications.

AI model security via automated injection and proxy server enforcement US12587529B2 · Granted
Secure Systems of Guardrails for Securing the Use of Large Language Models US20250307418A1 · Published

§04 — Writing

Selected writing.

Winning the Game of Hide and DeepSeek WitnessAI Blog

§05 — Press

Coverage & recognition.

Wired — Hackers Can Control Your Phone Using a Tool That’s Already Built Into ItFeature
The Wall Street Journal — Smartphones Become Next Frontier in CybersecurityFeature
Reuters — Smartphone Management Flaws Put Users at Risk, Researchers SayFeature
MIT Technology Review — Most Smartphones Come With a Poorly Secured Back DoorFeature
CBS News — Theft via text: Cars vulnerable to hack attacksBroadcast
Vice — We Drove a Car While It Was Being HackedDocumentary
Ars Technica — Blackphone Goes to DEF CON and Gets Hacked… Sort OfFeature
The Register — Two Billion Mobes Easily Hacked by Evil Base StationsFeature
SC Magazine — Hidden Controls Open 2 Billion Mobile Devices to ExploitationFeature
Dark Reading — Black Hat USA 2014: Focus on MobileFeature
Android Security AcknowledgementsRecognition
Qualcomm Product Security Hall of FameRecognition
CERT/CC Advisory CA-2002-30Disclosures

§06 — Connect

Get in touch.

LinkedIn→ GitHub→ X (Twitter)→ Google Scholar→