Security Analysis at Scale
Cyber attacks, from botnets to zero-day exploits, cost the world billions each year. We're working to build trusted systems that can proactively help organizations defend against attacks, by identifying bugs and vulnerabilities in code and systems, securing them, and preventing them from being exploited.
Our work
Protection against data-oriented attacks through selective data integrity
Technical noteHans Liljestrand, Hani Jamjoom, Matthew Hicks, N. Asokan, Danfeng (Daphne) Yao, and Salman Ahmed(In)security of ElGamal in OpenPGP
ResearchLuca De Feo, Bertram Poettering, and Alessandro Sorniotti5 minute read
Projects
A cloud-native system telemetry framework that enables the creation of security analytics on a scalable, pluggable open-source platform.
Publications
Trust but Verify: Uncovering the Hidden Risks of Inaccurate SBOMs with JBomAudit
- Yue Xiao
- Jiyong Jang
- et al.
- 2025
- OSSNA 2025
PAKE Combiners and Efficient Post-Quantum Instantiations
- Julia Hesse
- Michael Rosenberg
- 2025
- Eurocrypt 2025
JBomAudit: Assessing the Landscape, Compliance, and Security Implications of Java SBOMs
- Yue Xiao
- Dhilung Kirat
- et al.
- 2025
- NDSS 2025
Automated Expansion of Privacy Data Taxonomy for Compliant Data Breach Notification
- Yue Qin
- Yue Xiao
- et al.
- 2025
- NDSS 2025
Real-Time Outlier Connections Detection in Databases Network Traffic
- Leonid Rodniansky
- Tania Butovsky
- et al.
- 2025
- arXiv
Digital Signatures with Outsourced Hashing
- Bertram Poettering
- Simon Rastikian
- 2024
- AsiaCrypt 2024