Security Analysis at Scale
Cyber attacks, from botnets to zero-day exploits, cost the world billions each year. We're working to build trusted systems that can proactively help organizations defend against attacks, by identifying bugs and vulnerabilities in code and systems, securing them, and preventing them from being exploited.
Our work
Protection against data-oriented attacks through selective data integrity
Technical noteHans Liljestrand, Hani Jamjoom, Matthew Hicks, N. Asokan, Danfeng (Daphne) Yao, and Salman Ahmed(In)security of ElGamal in OpenPGP
ResearchLuca De Feo, Bertram Poettering, and Alessandro Sorniotti5 minute read
Projects
A cloud-native system telemetry framework that enables the creation of security analytics on a scalable, pluggable open-source platform.
Publications
Digital Signatures with Outsourced Hashing
- Bertram Poettering
- Simon Rastikian
- 2024
- AsiaCrypt 2024
Crossing Shifted Moats: Replacing Old Bridges with New Tunnels to Confidential Containers
- Ray Valdez
- Md Salman Ahmed
- et al.
- 2024
- CCS 2024
Enhancing Transparency and Accountability of TPLs with PBOM: A Privacy Bill of Materials
- Yue Xiao
- Adwait Nadkarni
- et al.
- 2024
- CCS 2024
WannaLaugh: A Configurable Ransomware Simulator, Learning to Mimic Malicious Storage Traces
- 2024
- SYSTOR 2024
GhostRace: Exploiting and Mitigating Speculative Race Conditions
- Hany Ragab
- Andrea Mambretti
- et al.
- 2024
- USENIX Security 2024
True Attacks, Attack Attempts, or Benign Triggers? An Empirical Measurement of Network Alerts in a Security Operations Center
- Limin Yang
- Zhi Chen
- et al.
- 2024
- USENIX Security 2024