Skip navigation

Effective October 28, 2019 Duo Security will be transitioning to Cisco's Privacy Statement. View the Duo Privacy Data Sheet.

Industry Events

Duo CTO Jon Oberheide to Discuss Mobile Vulnerability at Interop 2013

It's Interop 2013 week at the Mandalay Bay in Las Vegas, and Duo’s CTO Jon Oberheide will be speaking on Wednesday, May 8th, from 3:45–4:45pm on the topic of mobile vulnerability assessment and our unique "X-Ray" mobile app.

Check out the details below. If you're at Interop and are interested in mobile device security, be sure to drop by this session to learn the latest and say hi to Jon.

Session Overview: Mobile Vulnerability Assessment: There's an App for That!

Mandalay Bay, Wednesday, May 8th, 3:45–4:45pm Conservative carriers frequently leave privilege escalation vulnerabilities unpatched for months and years on today's consumer mobile platforms, a far cry from the near-instant silent updates delivered to desktop platforms. These large windows of vulnerability allow even unsophisticated attackers to reuse off-the-shelf exploits and target users with their malicious mobile apps. This presentation explores how such privilege escalation vulnerabilities can be enumerated with a standard market-delivered application, allowing enterprises, and even end users, to assess the risk of their mobile devices. Results of a public release of a vulnerability assessment app run on over 25,000 Android devices will be presented.

About X-Ray

X-Ray is Duo’s mobile app that performs “vulnerability assessment” on Android devices. Instead of scanning for malicious apps installed on the device like a mobile antivirus app would do (a nearly-intractable problem), X-Ray can identify known, yet unpatched, vulnerabilities in the mobile platform itself that could be exploited to take full control of users’ phones.

More information at Interop 2013.