Omar Morando

A partner you can trust

What I Do

Cyber security OT

Ethical hacking, penetration testing, vulnerability analysis in OT domain. More then 20 years in OT/ICS Industrial Automation domain (SCADA, PLC, remote I/O, fieldbus).

ScadaSploit Framework

I'm the developer of "ScadaSploit", a framework which includes dozens of auxiliary modules and exploits dedicated to OT systems. It's widely used during sessions of vulnerability analysis and penetration testing.


Deep knowledge in software development for mobile robots, embedded systems, IoT and real-time. Languages: C/C++, Python, C#, Java. Frameworks: Qt/QML, PyQt, ROS.

Training & Consulting

Training and dissemination of issues related to cyber security, privacy and data protection. We can help you to evaluate the resources and impact of implementing your cyber security process from design to operational.



12/2021 - current
Sababa Security

OT Cyber Security Director

After over 10 years as an independent consultant in embedded development and ethical hacking, I joined the Sababa team with great enthusiasm. Now I lead the offensive security Business Unit, coordinating a team of incredibly talented penetration testers capable of performing offensive security activities in IT, ICS and Automotive.

10/2020 - current
CNH Industrial - Freelance

OT Cyber Security Specialist (external consultant)

Automotive Cyber Security Specialist. Joined the on-board Telematics team to provide support for the implementation of cybersecurity in the ECUs on board of connected vehicles.

2010 - 12/2021

Cyber security, ethical hacker, OT specialist

I'm a freelance security researcher and penetration tester focused on offensive OT/ICS security, with 20+ years of experience in the industrial automation domain, working with SCADA, PLC, fieldbus, remote I/O • I'm the developer of "ScadaSploit", a framework which includes dozens of auxiliary modules and exploits dedicated to OT systems, in particular PLC and SCADA mainly present on the Italian market • Training and dissemination on cyber security and ICS protection issues • Design and development of real-time software on embedded systems for industry and mobile robots.

2017 - 12/2019

R&D UAV Systems

I was part of the international team involved in the technical development and cyber security aspect of "Use case scenario" within the European Research and Innovation project "Horizon 2020 - CPSwarm", focused on the development of algorithms and control systems for swarms of drones, with self-organization and fully autonomous flight and with a secure communication layer between swarm agents.

2008 - 2010
Progea International

International Business Developer

I was in charge of further developing and managing worldwide sales for Progea, Italian company specialized in SCADA and HMI applications • Start-up of the new branch in Lugano, starting new subsidiaries and distributors • Building new professional teams • Training, technical support, sales forecasting, international marketing and communication, conventions and exhibition.

2005 - 2008
Caterpillar Group - CGT

Business Developer Manager

Reporting directly to the General Manager, I was in charge of business development working in close contact with other Managers • Market analysis, competition and geomarketing, which led to the improvement of commercial coverage and efficiency • Business development with targeted actions to strengthen the service network offer.

2000 - 2005
Schneider Electric

Group Product Manager - Industrial Automation Systems

I was in charge of directing the product teams responsible for the industrial automation products, including: SCADA and PC based software, PLC, industrial PC, remote I/O and networks with a total turnover of over € 20 million.

1995 - 2000
Schneider Electric

Product Manager

I was responsible for major PLC lines, SCADA and PC based software. I acquired expertise in product marketing plans, competition analysis, price definition, promotions, exhibitions, events • Launch of new products, definition of sales budget and communication plans, creation of commercial documents • As a product specialist, I’ve provided technical support on ICS systems to the sales network in the pre/after-sales phase. • Training of sales network for new products and direct support for major clients • Speaker at dozens of technical conferences.

1990 - 1995
Schneider Electric

Software Engineer

Software Engineer for SCADA systems • Technical support on SCADA supervision software and networks, and joined the sales network at the pre/after-sales stage and for technical intervention at clients’ premises • Technical trainer • Development of SCADA and HMI applications, integration with new specific functionality using C/C++ language.

1987 - 1990
Comau - Robotic Division

Software Engineer

I worked in a team for development of new SCADA system for control and monitoring automated plants for Fiat Auto (SCADA based on Digital MicroVAX system).


CompTIA PenTest+

CompTIA Security+

OffSec OSCP (pending)

Practical Ethical Hacking

Bug Bounty Hunting

Industrial CyberSecurity Certified Professional

Automotive CyberSecurity Certified Professional


Cyber security, ethical hacking, pentesting


SCADA, PLC, remote I/O, fieldbus


Embedded systems, IoT, RTOS, Linux


Frameworks: Qt/QML, PyQt, ROS


I2C, SPI, CAN, GPIO, IRQ, UART, WiFi, Bluetooth


Coding skills









RTOS /// multithreading


What I do

Risk Assessment

Security consulting


Email: me [at] omarmorando [dot] com

Fingerprint: 2297 5D4A 0516 9D93 0DE3 B318 1FEF 288E 0BE6 256F

How Can I Help You?