HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

Common Web mistakes that invite trouble

web security.jpgSometimes it seems as if security folk simply can’t shut off the part of their brain that looks for trouble. Unfortunately, years of questionable web site development tactics have made trouble plenty easy to find. See if any of these misbehaviors ring a bell.

Infographic: HP Security Research Cyber Risk Report 2015

very teeny tiny chart.pngThe annual Cyber Risk Report from HP Security Research provides organizations with a better understanding of the threat landscape and supplies resources that can aid in minimizing security risk. This year, we’re including an infographic detailing some of the more interesting data points detailed in the report.

Just another day at the office: A ZDI analyst’s perspective on ZDI-15-030

zdi-small.pngA vulnerability report received late last year by the Zero Day Initiative contained a particularly well-written and well-documented example of a Windows kernel issue. Let’s take a walk through ZDI-15-030.

Life after Windows Server 2003: Ready or not, here it comes

The impending end of support for Microsoft’s 11-year-old operating system should have businesses formulating a plan for their remaining Windows Server 2003 deployments. We look at what will and won’t happen on July 14, 2015 and how to think about what comes next.

Changes to Zero Day Initiative program benefits

zdi-small.pngAs the Zero Day Initiative looks forward to 2015, changes are coming to our program benefits. They’re designed to encourage new researchers and further reward our frequent submitters.

Showing results for 
Search instead for 
Do you mean 
About the Author(s)
  • Head of OpSec Research
  • I joined HP in 2014 and am currently a Sr. Security Content Developer within HP Security Research. In this role, I write and edit security analysis and supporting content from researchers.
  • Kernelsmith is senior vulnerability researcher with Hewlett-Packard Security Research (HPSR). In this role, he analyzes and performs root-cause analysis on hundreds of vulnerabilities submitted to the Zero-Day Initiative (ZDI) program. He also tries to automate whenever he can, pulling from the devops and virtualization arenas. Josh is also a developer for the Metasploit Framework and has spoken at a few conferences and holds a few certifications. Prior to joining HP, Smith served in the U.S. Air Force for 10 years and subsequently became a security engineer at the John Hopkins University Applied Physics Laboratory. Smith performed research into weapons systems vulnerabilities as well as evasion and obfuscation techniques to add depth and realism to security device tests. Smith received a B.S. in Aeronautical Engineering from Rensselaer Polytechnic Institute and an M.A. in Management of Information Systems from the University of Great Falls.
  • Security Researcher, Software Security Research
  • Security Researcher, Zero Day Initiative
  • Steve Povolny manages the Digital Vaccine team at HP TippingPoint. The team is composed of security researchers and filter/signature developers for the Intrusion Prevention System.
HP Blog

HP Software Solutions Blog


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.