Duo Labs: Meet Your Trusted Experts and Advisors….in Avatar Form!
Duo Labs: Meet Your Trusted Experts and Advisors….in Avatar Form!
Last week we announced the addition of more big brains to the Duo Labs research team. This, of course, is not to say that the existing team members were not doing a valiant and impressive job, but more to announce our expanded and renewed focus on applied security research. The new members of our team are myself, as the director of security research, as well as Mikhail Davidov, Mark Loveless and Darren Kemp who have joined our existing team.
It’s an exciting time around the Duo Security offices. As a company, we are rapidly growing and part of that growth is the building of a more focused advanced research team. As part of our renewed focus, we wanted to share with everyone the types of things we will be doing and what you can expect from Duo Labs.
While many other organizations employ research teams, our structure is a little bit different than the rest. Our team is not focused on revenue generation, or even on Duo products for that matter (although some of our work will undoubtedly find its way in to our products and help improve them in the process). Instead, our goal is to help IT organizations fully understand the security landscape. Furthermore, because we are not performing research for profit, our team will make it a priority to not just publish the results of our research but also publish our complete methodology. This means, that as a team we will be sharing how we researched the topic including all of our mistakes and frustrations during that research.
Our goal is to build a knowledge base that both IT practitioners and other security researchers can reference and use in their day to day jobs. While we’re a bit nervous to know that the entirety of our work will be published for all to judge, we’re also excited to collaborate with other researchers and experts and openly discuss what works and what does not work. If we are successful with this goal, over time, our published work and accompanying comments will evolve to become a more interactive forum where both researchers and IT practitioners can share ideas and learn from each other.
In addition to these efforts, we look forward to sharing our research with our existing customers so that they know they can come to us with any of their security needs, not just related to our own product. Our goal is to help everyone improve their security posture and provide expert guidance whenever we’re able. This guidance will be in the form of our existing Threat Notifications, blog content, whitepapers, and when feasible, video content.
Our team’s mission statement is as follows:
“To generate timely and meaningful information security research that is accessible to everyone while improving the security ecosystem of technology as a whole.”
We will accomplish this mission by focusing our efforts on projects that have an impact on the security (or insecurity) of devices, operating systems, consumer electronics, and even entire classes of technology.
As a team we want to challenge ourselves and our industry to make a difference and help others become more secure. Our website, blog, tools, presentations and any other form our research may take will be accurate, thorough, and fair, no matter what the research target may be. We will be critical and pointed, and we promise to not spread fear, uncertainty or doubt and to not rely on scare tactics. In fact, we’ll fact-check those who do publish alarmist research in an effort to “make the news.” Instead, we will do our best to present our research ideas as pragmatically and professionally as we can. Of course, as seen with our BACKRONYM release, we will still try to have fun when appropriate.
We are very excited about the projects we have on our list and are very open to collaborating with other research organizations that share the same values and goals. Questions, comments, or inquiries about potential joint research projects can be directed to research@duosecurity.com. Of course keep an eye on https://labs.duosecurity.com and @duo_labs on Twitter for updates on our projects.