HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

Displaying articles for: November 2013

Some uncomfortable truths about state-sponsored malware

Recent discussions regarding Edward Snowden and the NSA have raised some uncomfortable questions for the makers of anti-virus software.

How Protected is My Data at Rest?

One of the highest risk items on mobile devices is the sensitive data that users store, transfer, and access through apps.
Protecting that data from other applications is one consideration, however, we also have to consider the very real possibility of having the device stolen and compromised.

Tags: encryption

Fourth Annual BSIMM Conference

A few weeks ago we launched BSIMM-V at RSA Europe in Amsterdam and last week we held the fourth annual BSIMM Community Conference in Virginia. Read more about this conference, and the 3 big takeaways.

HP TippingPoint DVLabs Signature Response - PacSec West 2013: Mobile Pwn2Own

HP DV Labs teams up with HP Security Research Zero Day Initiative to provide immediate security coverage for all exploits purchased at Mobile Pwn2Own Tokyo!

Mobile Pwn2Own 2013 Yields Exploits in Safari, Samsung S4 applications

Mobile Pwn2Own 2013 started out with a bang. HP’s Zero Day Initiative and competition co-sponsors Google and Blackberry awarded $67,500 USD for the disclosure of multiple 0-day vulnerabilities and exploit techniques in the Safari browser and mobile applications.  We are excited to bring Pwn2Own to Japan to see the breadth of research from across the world, including exploits which reveal techniques that can help internal security teams improve their mitigations. 

HP ArcSight Application View: The Installation

Check out this video on how easy it is to get HP ArcSight Application View installed.

Welcome to Mobile Pwn2Own at PacSec Tokyo - Super, happy fun

It's the big day! Join us for all the excitement of HP's ZDI Mobile Pwn2Own contest at PacSec in Tokyo. We'll be blogging throughout the day with news and the results of the contest.

Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
  • Head of OpSec Research
  • I am a senior security content developer with Hewlett-Packard Security Research (HPSR). In this role, I write and edit security analysis and supporting content from researchers, including those from HP’s Zero Day Initiative (ZDI) program. The ZDI program augments HP’s Enterprise Security Products with zero-day research through a network of over 3,000 independent researchers around the world. I am also responsible for providing insight into the threat landscape; competitive intelligence to the research team; and providing guidance on the social media roadmap. Part of my role includes speaking publicly and promoting the research and technology of the HPSR.
  • Kernelsmith is senior vulnerability researcher with Hewlett-Packard Security Research (HPSR). In this role, he analyzes and performs root-cause analysis on hundreds of vulnerabilities submitted to the Zero-Day Initiative (ZDI) program. He also tries to automate whenever he can, pulling from the devops and virtualization arenas. Josh is also a developer for the Metasploit Framework and has spoken at a few conferences and holds a few certifications. Prior to joining HP, Smith served in the U.S. Air Force for 10 years and subsequently became a security engineer at the John Hopkins University Applied Physics Laboratory. Smith performed research into weapons systems vulnerabilities as well as evasion and obfuscation techniques to add depth and realism to security device tests. Smith received a B.S. in Aeronautical Engineering from Rensselaer Polytechnic Institute and an M.A. in Management of Information Systems from the University of Great Falls.
  • Security Researcher, Software Security Research
  • Security Researcher, Zero Day Initiative
  • Steve Povolny manages the Digital Vaccine team at HP TippingPoint. The team is composed of security researchers and filter/signature developers for the Intrusion Prevention System.
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.