Research-fueled Security Services

Connect with a Security Expert
The Latest
Blog
IOActive Guest Blog | Interdependencies – Handshakes Between Critical Infrastructures | Ernie Hayden
Events
Hardware Reverse Engineering Workshop (Harris 2023) | Andrew Zonenberg
Research
IOActive Labs Blog | Exploring the security configuration of AMD platforms
Blog
IOActive Guest Blog | Remote Writing Trailer Air Brakes with RF | Ben Gardiner
Research
IOActive Labs Blog | NFC Relay Attack on Tesla Model Y | Josep Pi Rodriguez
Research
Whitepaper | NFC Relay Attack on Tesla Model Y | Josep Pi Rodriguez
Press
IOActive Expands Transportation Cybersecurity Business with Addition of Cybersecurity Expert Kevin Harnett
Blog
IOActive Guest Blog | The Battle of Good vs Evil: Regulations and Cybersecurity | Urban Jonson
Blog
Update on SATCOM Terminal Attacks During the War in Ukraine
Research
WP | Reverse Engineering of DAL-A Certified Avionics: Collins’ Pro Line Fusion—AFD-3700 | Ruben Santamarta
Blog
IOActive Labs Blog | Satellite (in)security: Vulnerability Analysis of Wideye SATCOM Terminals | Ethan Shackelford
Research
WP | Cyberattacks on SATCOM: Understanding the Threat | Ethan Shackelford
Blog
Missed Calls for SATCOM Cybersecurity: SATCOM Terminal Cyberattacks Open the War in Ukraine | John Sheehy
Research
Batteries Not Included: Reverse Engineering Obscure Architectures | Ethan Shackelford
Blog
Responding to a Changing Threatscape: Sharing More | John Sheehy
Blog
Wideye Security Advisory and Current Concerns on SATCOM Security | Ethan Shackelford
Blog
IOActive Labs Blog | Biometric Hacking: Facial Authentication Systems | Gabriel Gonzalez, Alejo Moles
Research
WP | Facial Recognition Security Research
Blog
IOActive Labs | How We Hacked Your Billion-dollar Company for Forty-two Bucks | Jamie Riden
Blog
IOActive Labs | Cracking the Snapcode | Daniel Moder
Other
IOActive archived webinars available for immediate access: AppSec, Breaking BLE series, Critical Infrastructure, Red/Purple Team, Secure Design series, more...
Blog
Guest Blog | The Risk of Cross-Domain Sharing with Google Cloud’s IAM Policies | Chris Cuevas, Erik Gomez, SADA
Blog
Counterproliferation: Doing Our Part | John Sheehy
Blog
Breaking Protocol (Buffers): Reverse Engineering gRPC Binaries | Ethan Shackelford
Other
Techspective Podcast – The Value of Red and Purple Team Engagements | John Sawyer
Research
WP | Intel-commissioned whitepaper from IOActive Research: Cross-Platform Feature Comparison
Blog
IOActive Guest Blog | Cybersecurity Alert Fatigue: Why It Happens, Why It Sucks, and What We Can Do About It | Andrew Morris, GreyNoise

Services

IOActive approaches security from the attacker’s mindset. Whether infiltrating software, hardware, networks or human resources, our consultants uncover the weaknesses in your operations. We combine the latest security research with our time-tested techniques to provide critical security services, as penetration testing and red team services for the full stack, to meet your business goals and strengthen security resiliency.
FULL STACK SECURITY ASSESSMENTS
Learn More
SECURE DEVELOPMENT LIFECYCLE
Learn More
RED TEAM AND PURPLE TEAM SERVICES
Learn More
ADVISORY SERVICES
Learn More
TRAINING
Learn More
IOActive Security Services
IOActive Expands Secure Development Lifecycle Services with Continuous Penetration Testing
New Service Model Designed to Enable Enterprise DevSecOps to Build a Robust Secure Development Lifecycle
read more
manufacturing
Manufacturing
Transportation
Transportation
Energy

Industries

CRITICAL INFRASTRUCTURE
ENERGY
FINANCIAL SERVICES
HEALTHCARE
MANUFACTURING
MEDIA & ENTERTAINMENT
RETAIL & CONSUMER PRODUCTS
TECHNOLOGY
TELECOMMUNICATIONS
TRANSPORTATION

We Are a Global Team

With operations and clients in six continents and more than 30 countries, we bring world-class services to your business and operations
Learn More

Events

Find our team around the globe presenting at conferences, speaking on podcasts and webinars, moderating panels and hosting talks at an IOActive event engagement near you.
View the Full Events List
24
January
WORKSHOP
Hardware Reverse Engineering Workshop (Harris 2023) | Andrew Zonenberg
Bochum, Germany
23
April
CONFERENCE
RSA Conference 2023
Moscone Center, San Francisco, CA
30
May
CONFERENCE
Hardwear.io Security Trainings and Conference - USA 2023
TBA
10
August
CONFERENCE
DEF CON 31
Caesars Forum + Flamingo, Harrah's and Linq, Las Vegas, NV
8
November
CONFERENCE
SecureWorld Conference 2023 - Seattle
TBA

JOIN OUR TEAM

We thrive on outsmarting attackers and knowing our work keeps people and businesses safe. Share our mission? Join us!
View Openings

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close