If the world is run by little ones and zeroes and little bits of data, the Duo Labs team are the mad scientists putting ‘em to work. Not only do we have our customers’ backs by serving up deep knowledge, we’re also dedicated to protecting the public by identifying and fixing vulnerabilities on a broader scale. What does that look like? Prototyping new features and products, interpreting and analyzing data, building internal tools… and bringing to life wild ideas like bypassing PayPal’s 2FA, playing with public Wi-Fi, and attempting the first Push authentication from near space.
Here we explore the implementation of a legacy, but still actively marketed, wireless physical security system as well as how it undermines more advanced security controls. Several vulnerabilities...Continue Reading
This peach pit implements the HTTP/2 protocol RFC-7540 and is targetted at Microsoft Edge. It has been run through about 150,000 iterations and traffic samples within this...Continue Reading
This summer during DEF CON 24, Duo traveled to the Mojave Desert to launch a tricked-out weather balloon in pursuit of the first two-factor authentication push from the...Continue Reading
Another cool thing about Duo Labs is that we give a bigger look under the hood than the average security company. The Duo Labs blog presents our latest work, analysis and other insights.
The Duo Labs team analyzes the Bluetooth security of several different personal protection devices to shed light on how secure these devices are, and if they can be tracked remotely or reveal...Continue Reading
You don’t have to go to a TED talk to hear from great minds in infosec — we host heavy hitters from around the industry to dive deep into areas of their expertise, from Mudge on creating DARPA’s cyber analytic framework to Runa A. Sandvik talking Tor and SecureDrop.
Watch a video walkthrough of how a Duo Labs researcher bypassed PayPal’s one-time password two-factor authentication.
You may have heard the stereotype about 400-pound hackers sitting in the warm glow of a monitor in their mom’s basement, but at Duo Labs we get around. Check out the various conferences, meetups and other hangs (which we’ll admit might sometimes happen in basements) where you can connect with us.
Join Duo Security at the third annual Cyber Security Summit in Atlanta!
Join Duo in Mesa/Phoenix to network with other infosec professionals, participate in workshops, and attend several talks from over 25 speakers.
Join Duo at the 2018 Gartner IAM Summit in London to craft and implement an IAM vision and strategy for the digital age.
Join Duo to learn about the BeyondCorp security model and how Duo Beyond helps these organizations meet compliance requirements.
Do you like tinkering with tech and deconstructing it for discovery’s sake? Think security can make a serious impact but you don’t take yourself too seriously? Want to work on wild, unthinkable ideas? You might be the right match for Duo Labs’ band of misfits. Visit the Duo careers page to see how we’re looking to grow our team.