If the world is run by little ones and zeroes and little bits of data, the Duo Labs team are the mad scientists putting ‘em to work. Not only do we have our customers’ backs by serving up deep knowledge, we’re also dedicated to protecting the public by identifying and fixing vulnerabilities on a broader scale. What does that look like? Prototyping new features and products, interpreting and analyzing data, building internal tools… and bringing to life wild ideas like bypassing PayPal’s 2FA, playing with public Wi-Fi, and attempting the first Push authentication from near space.
Here we explore the implementation of a legacy, but still actively marketed, wireless physical security system as well as how it undermines more advanced security controls. Several vulnerabilities...Continue Reading
This peach pit implements the HTTP/2 protocol RFC-7540 and is targetted at Microsoft Edge. It has been run through about 150,000 iterations and traffic samples within this...Continue Reading
This summer during DEF CON 24, Duo traveled to the Mojave Desert to launch a tricked-out weather balloon in pursuit of the first two-factor authentication push from the...Continue Reading
Another cool thing about Duo Labs is that we give a bigger look under the hood than the average security company. The Duo Labs blog presents our latest work, analysis and other insights.
You don’t have to go to a TED talk to hear from great minds in infosec — we host heavy hitters from around the industry to dive deep into areas of their expertise, from Mudge on creating DARPA’s cyber analytic framework to Runa A. Sandvik talking Tor and SecureDrop.
Watch a video walkthrough of how a Duo Labs researcher bypassed PayPal’s one-time password two-factor authentication.
You may have heard the stereotype about 400-pound hackers sitting in the warm glow of a monitor in their mom’s basement, but at Duo Labs we get around. Check out the various conferences, meetups and other hangs (which we’ll admit might sometimes happen in basements) where you can connect with us.
Join Duo in DC for this educational, one-day symposium, which will discuss the security challenges faced by Federal CISOs.
Join Duo to learn about the BeyondCorp security model, and how Duo Beyond helps these organizations meet compliance requirements.
Join Duo for the 2018 RSAC to discover the latest technology and interact with top security leaders and pioneers.
Do you like tinkering with tech and deconstructing it for discovery’s sake? Think security can make a serious impact but you don’t take yourself too seriously? Want to work on wild, unthinkable ideas? You might be the right match for Duo Labs’ band of misfits. Visit the Duo careers page to see how we’re looking to grow our team.