| FEATURED PRESS | + |
|
|
Dan Kaminsky speaks with CBC Radio's Drew Liefhiet about motivations behind the Open Security community and this year's Race to Zero competition at DefCon 16. The Search Engine podcast Dan Kaminsky identifies an Earthlink vulnerability involving its error page ads that would allow hackers to hijack the Internet. Read the Wired article here. RSA Con was a huge success! Read all about it here and here. Reverse Engineering Code with IDA Pro now available from Amazon.com. Sample available here >> Jason Larsen and Walter Pearce to present SCADA Defense: Protecting Critical Infrastructure training at SANS Orlando 2008. Jason Larsen to present Applied SCADA Security at SANS Orlando, to the MS-ISAC, and to the AGORA Security Organization. Robert M. Zigweid to present at (ISC)2 Application Security in March. |
||
|
UPCOMING EVENTS
SANS Security 2008, Orlando Infosecurity Europe 2008 Black Hat USA 2008 RSA 2009 InfoSec 2009 |
| IOACTIVE PROVIDES THE FOLLOWING SERVICES : | ||||||
APPLICATION SECURITY IOActive delivers customized application security services based on our clients' development process and deployment of product-ship requirements.
|
ADVISORY AND RISK MANAGEMENT IOActive' s experienced Advisory and Risk Management (ARM) team is passionate about helping organizations implement a control framework with measurable processes, and align information security with business strategies. |
INFRASTRUCTURE AUDIT A secure infrastructure is the cornerstone of protecting an organization’s systems, data, and applications, and complying with myriad international, federal, and state laws surrounding data privacy. The success of the modern enterprise depends on the security of the infrastructure. |
TRAINING Training is an integral part of effectively implementing and supporting organizational security policies, processes, and standards. |
|||
| LEARN MORE >> | LEARN MORE >> | LEARN MORE >> | LEARN MORE >> | |||
|
INCIDENT RESPONSE:
IOActive also provides Incident Response Services.
LEARN MORE >>
|
||||||
CASE STUDY
: SECURITY DEVELOPMENT LIFECYCLE
A Global 100 software company hired IOActive to provide expert secure development lifecycle services for one of its most mission critical products. IOActive is one company out of three in the world that have conducted this level of audit on a commercially available product of this size and class. |
||||||
|
INDUSTRY AFFILIATIONS     |
TEAM SPOTLIGHT
ILJA VAN SPRUNDEL Ilja Van Sprundel is experienced in exploit development as well as network and application testing. As a security consultant at IOActive he performs penetration testing; identifies system vulnerabilities; and designs custom security solutions for clients in software development, telecommunications, financial services, and non-profit organizations. Mr. Van Sprundel has a passion for computer security that takes the offensive, so, in addition to other projects, he has implemented a secure credit card transaction solution. At RWTH-Aachen he studied both offensive and defensive security mechanisms. Ilja has published papers on Mac OS X kernel insecurity and Fuzzing, as well as a book of shell code poetry. He has presented lectures at numerous international conferences including 22c3, PacSec, Ruxcon, and Syscan covering topics such as Unix kernel auditing, fuzzing, and breaking Mac OSX. Ilja won the 21c3 Stack Smashing contest and is a member of the Netric security research group. |
|||||