RESOURCES

Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Library | COLLATERAL | April 17, 2020

IOActive Red and Purple Team Service

Building Operational Resiliency Through Real-world Threat Emulation. Who better to evaluate security effectiveness – compliance auditors or attackers? Vulnerability assessments and penetration tests are critical components of any effective security program, but the only real way to test your operational resiliency is from an attacker’s perspective. 

Launch PDF
Library | COLLATERAL |

IOActive Services Overview

Security services for your business, situation, and risks. With our breadth and depth of services offerings across more environments than any other firm today, we can deliver specific, high-value recommendations based on your business, unique situation, and the risk you face. We are a pure-play security services provider, offering services across the spectrum to include: cybersecurity advisory, full-stack security assessments, SDL, red/purple team and security team development (training) services.

Launch PDF
Library | PRESENTATION, VIDEO | April 9, 2020

Using Red Team and Purple Team Services to Strengthen Enterprise Security

Red team exercises provide organizations a real-world perspective on the efficacy of their security operations and incident response capabilities. The ability to identify a security incident quickly and respond efficiently is critical to protecting the information and assets most important to your company’s bottom line. In this webinar, John Sawyer, Director of Services at IOActive, will discuss the collaborative benefits of red team and purple teams and how it enhances the ability for enterprise blue teams to fully understand the visibility into each stage of a targeted attack from…

access the video
Library | WHITEPAPER | February 10, 2020

LoRaWAN Networks Susceptible to Hacking: Common Cyber Security Problems, How to Detect and Prevent Them

LoRaWAN is fast becoming the most popular wireless, low-power WAN protocol. It is used around the world for smart cities, industrial IoT, smart homes, etc., with millions of devices already connected. The LoRaWAN protocol is advertised as having “built-in encryption” making it “secure by default.” As a result, users are blindly trusting LoRaWAN networks and not paying attention to cyber security; however, implementation issues and weaknesses can make these networks easy to hack. Currently, cyber security vulnerabilities in LoRaWAN networks are not well known, and there are no existing tools…

Launch PDF
Cesar Cerrudo
Library | PRESENTATION, VIDEO | January 21, 2020

Secure Design and Secure System Architecture Webinar Series

Brook Schoenfield, author, Master Security Architect and Director of Advisory Services for IOActive, will be sharing deep insights to Secure Design, and Security Systems Architecture concerns in this four-part webinar series. Brook will cover Threat Modeling, DevOps Security, and the myriad challenges facing Secure Design implementations.

access the videos
Brook S.E. Schoenfield
Library | WHITEPAPER | August 7, 2019

Arm IDA and Cross Check: Reversing the 787’s Core Network

In 2008, the Dreamliner was presented as the world’s first e-Enabled commercial airplane. Boeing certainly introduced an impressive new set of functionalities, enabling the vast majority of the components to be highly integrated with and connected to regular systems, such as onboard maintenance, data-load, and the Crew Information System. IOActive has documented our detailed attack paths and component vulnerabilities to describe the first plausible, detailed public attack paths to effectively reach the avionics network on a commercial airplane from either non-critical domains, such as Passenger Information and Entertainment Services, or…

Launch PDF
Ruben Santamarta
Library | PRESENTATION, VIDEO | April 25, 2019

Critical Infrastructure: Hack the Smart City

Cesar Cerrudo, CTO, IOActive, provides a webinar presentation on the ever-growing risks of using technology that enables smart cities. With the advancement of information, communication, and IoT technologies, come new vulnerabilities, and opportunities for cyber attacks, resulting in disruption and denial of services.

access the video
Cesar Cerrudo
Library | PRESENTATION, VIDEO | April 16, 2019

Application Security: Security Testing Stock Trading Applications

In this two-part webinar series, Alejandro Hernandez, IOActive Senior Security Consultant, provides insight to security testing stock trading applications. Part 1 gives an overview of stock trading platforms technology and risks, and application security testing, and Part 2 provides a deeper dive into the technical aspects of the application security testing methods and discoveries.

access the videos
Alejandro Hernandez
Library | PRESENTATION, VIDEO | April 3, 2019

Thoughts on Supply Chain Integrity

In this video presentation, John Sheehy, VP, Sales and Strategy at IOActive, shares his comprehensive view on the myriad considerations facing business as they undertake supply chain integrity assessments.  He delves deeply into the pertinent details of: industry definitions of what a supply chain is; potential supply chain disruptions; real-world examples of attacks; various approaches to ensuring supply chain integrity; and  thoughts on solutions and what can be done.

access the video
Library | INSIGHTS | October 17, 2018

Smart Cities: Cybersecurity Worries

Infodocument providing a visual exploration into the growing security concerns of smart city technologies. Featuring detail to the myriad technologies, problems, threats, possible targets, as well as current examples of cities having experienced attacks.

access the infodoc
Cesar Cerrudo

Biometric Security: Facial Recognition Testing

IOActive has conducted extensive research and testing of facial recognition systems on commercial mobile devices. Our testing included setups for 2D- and 3D-based algorithms, including technologies using stereo IR cameras. Discovering the underlying algorithms to find setups to bypass them, then calculating the Spoof Acceptance Rate (SAR).

ACCESS THE WHITEPAPER


IOACTIVE CORPORATE OVERVIEW (PDF)IOACTIVE SERVICES OVERVIEW (PDF)


IOACTIVE ARCHIVED WEBINARS