MarkFlow: Make Your Markdown Sparkle!
Find out about MarkFlow, created by Joshua Holland to beautifully format your markdown and
If the world is run by little ones and zeroes and little bits of data, the Duo Labs team are the mad scientists putting ‘em to work. Not only do we have our customers’ backs by serving up deep knowledge, we’re also dedicated to protecting the Internet more generally by identifying and fixing vulnerabilities on a broader scale. What does that look like? We build, we break, we reason. Our work spans the breadth of product prototyping, Internet scale research and analysis, vulnerability research and exploit development, and applications of data science and machine learning to address security problems. As a group our core goals are to Disrupt, to Derisk, and to Democratise complex security topics and to share our innovations in ways that make the greatest possible impact.
Learn the trends and incentives for builders, practitioners, and attackers keeping the security industry in a reactionary loop—and, how to stop it.
Discover the future of digital identity in this deep dive into risks and benefits of passkeys, verifiable credentials, and passwordless authentication.
Learn how Duo's data scientists and threat analysts proactively identify and prevent novel attack methods across billions of authentications.
How reviewing sociological problems with authentication can help us address the technological problems we face today.
An in-depth look at current identity-based threats and a discussion of mechanisms to both prevent and detect them.
Learn all you need to know to determine for yourself why passwordless authentication can be more secure & usable than today’s leading authentication systems.
Discover what happened when our engineer requested his data from location data brokers & learn why existing processes don't work for the average person.
Learn how Google & Apple’s Exposure Notification API works & the security considerations that make it good for preserving user privacy & stopping bad actors.
Duo Labs investigates how infrared imaging is used for authentication in facial recognition and vein scanning technologies.
An introductory guide to finding radio frequency side channels for data exfiltration.
Explore what properties of biometrics make them good or bad at defending against one threat but not another, then take a deeper look at specific technologies.
Duo Labs’ CRXcavator tool used to uncover and remove a large scale campaign of malvertising Chrome extensions.
Learn about how Duo’s data science team used gamification to teach data analysis skills in an interactive workshop.
Explore what can go wrong for developers when bad cryptographic advice on the internet turns into common implementations.
Learn about the problem of sensitive info getting published on version control systems and discover multiple ways to monitor GitHub for secrets.
Learn about the communication channel between macOS & the new T2 secure boot chip. We illuminate the XPC messaging protocol & provide tools to explore yourself.
Duo Labs study on amplification bots: what they are and how they operate.
An in-depth look at the new secure boot feature found in T2 enabled Apple devices.
Discover how an authentication weakness in Apple’s Device Enrollment Program can be used to leak information and potentially enroll rogue devices in MDM servers.
Duo Labs security researchers show how to bypass microcontroller interfaces used for internet of things (IoT) devices. Learn more.
Explore some of the more notable vulnerability disclosure moments in infosec history, all in one timeline for your reference.
What else is Duo Labs thinking about? Find out at our Tech Talks, where our security researchers give the inside scoop on their latest projects and host experts from across the industry showcasing their own cutting-edge work.
Find out about MarkFlow, created by Joshua Holland to beautifully format your markdown and
To make security conference talks more widely accessible, we released srtGen, which
EdDSA is a digital signature scheme that functions over elliptic curves. While ECDSA is