Connect with Duo users and security professionals in our Community.
Can't find what you're looking for? Contact Sales or Contact Support.
Featured Articles
NIST’s New Security and Privacy Controls For IoT, MFA and SSO
NIST releases a new version of their Security and Privacy Controls, addressing new risks posed by the latest technology - the Internet of Things, plus guidance on combining single sign-on and multi-factor authentication.
Duo Labs / Featured Article
Dissecting Security Hardware at Black Hat and DEF CON
Get insights into how to assess security hardware, including experimentations in counterfeiting U2F authentication tokens, different weaknesses in the hardware components of encrypted USB keys and more.
Industry News / Featured Article
Phishing Emails Leverage Recently Patched Windows Vulnerability
A recently patched, high-severity Windows vulnerability, CVE-2017-0199, is being used in phishing attacks to deliver malware to users - hitting 1.5 million users in Q2 of this year.
Industry News / Featured Article
Security Anthropology: How Do Organizations Differ?
Different types of organizations have different threat profiles - instead of classic benchmarking, which can be problematic, researching and creating organizational personas can help us better understand how they approach security issues.
Recent Articles
NIST’s New Security and Privacy Controls For IoT, MFA and SSO
NIST releases a new version of their Security and Privacy Controls, addressing new risks posed by the latest technology - the Internet of Things, plus guidance on combining single sign-on and multi-factor authentication.
Dissecting Security Hardware at Black Hat and DEF CON
Get insights into how to assess security hardware, including experimentations in counterfeiting U2F authentication tokens, different weaknesses in the hardware components of encrypted USB keys and more.
Security Anthropology: How Do Organizations Differ?
Different types of organizations have different threat profiles - instead of classic benchmarking, which can be problematic, researching and creating organizational personas can help us better understand how they approach security issues.
Examining Security Science at Black Hat 2017
Learn about the complexities of conducting security science and phishing tests - the psychological dynamics, validity of security usability studies, ethical issues, hallway testing and more.
Lights, Camera, Action: The Making of Duo's First In-House Commercial
Duo has produced videos in-house since 2013, but until recently we never tackled a broadcast quality commercial on our own. Our senior media producer gives a look behind the scenes of "Duo Vs. Everybody," a complex, extensive production that was our first to include professional actors and a full video crew.
NIST Update: Passphrases In, Complex Passwords Out
New NIST guidelines recommend using long passphrases instead of seemingly complex passwords - check out a summary of the new best practices for password security in NIST’s SP 800-63B.
Hunting Malicious npm Packages
Duo Labs analyzes npm packages and how attackers can use malicious packages to gain access to and control over systems.
Get security conference OPSEC (operational security) tips from a senior security researcher who has seen it all - from trading trust for convenience to unattended personal items, learn how to lock it down when you’re on the road.
Sometimes You Wanna Go Where Everybody Knows Your $NAME
It’s true there’s no shortage of black hoodies or console-inspired color schemes at events like DEF CON, but this one-dimensional image misses a lot of the truth, explains Zoe Lindsey, Advocacy Manager at Duo.
Securing BYOD With Duo’s Trusted Endpoints for Mobile
Gaining visibility into your Bring Your Own Device (BYOD) environment is the first step toward security at your company. Learn how to create and enforce BYOD security policies, and how Duo’s Trusted Endpoints for mobile can help.
What is Modern Two-Factor Authentication (2FA)?
Access security and identity have evolved quickly over the years - here’s what to look for in a modern two-factor authentication solution.
New Open-Source Phishing Tools: IsThisLegit and Phinn
We're excited to announce two new open-source tools designed to help administrators prevent, manage, and respond to phishing attacks against their organization - IsThisLegit and Phinn.
Key Updates to NIST’s Digital Identity Guidelines: SP 800-63-3
NIST has updated their Digital Identity Guidelines, SP 800-63-3 with final security recommendations - see the new standards that many industries, including government agencies and contractors, need to follow.
Where to Find Duo at BSides, Black Hat & DEF CON 25
If you’re heading to Las Vegas for a week of back-to-back conferences, well, we are too. And we’ll be there with a new tool demo, book signing, plus several parties & awesome DJs.
August, 2017
July, 2017
June, 2017
May, 2017
April, 2017
March, 2017
February, 2017
January, 2017
December, 2016
November, 2016
October, 2016
September, 2016
August, 2016
July, 2016
June, 2016
May, 2016
April, 2016
March, 2016
February, 2016
January, 2016
December, 2015
November, 2015
October, 2015
September, 2015
August, 2015
July, 2015
June, 2015
May, 2015
April, 2015
March, 2015
February, 2015
January, 2015
December, 2014
November, 2014
October, 2014
September, 2014
August, 2014
July, 2014
June, 2014
May, 2014
April, 2014
March, 2014
February, 2014
January, 2014
December, 2013
November, 2013
October, 2013
September, 2013
August, 2013
July, 2013
June, 2013
May, 2013
April, 2013
February, 2013
January, 2013
December, 2012
November, 2012
September, 2012
August, 2012
July, 2012
June, 2012
May, 2012
March, 2012
February, 2012
January, 2012
September, 2011
August, 2011
July, 2011
June, 2011
May, 2011
April, 2011
December, 2010
