Resources

Overview Advisories Tools Publications

Resources

IOActive's security advisories (vulnerabilities), customized utilities (tools), and white papers (publications) provide a comprehensive approach to both identifying and mitigating weak points in your organization's applications and infrastructure.

Advisories

• Microsoft Windows CryptoAPI X.509 Spoofing Vulnerability
• IOActive offers best practices for how to protect your computer against the Adobe Reader 9.0 vulnerability
• QNX ker_msg_sendv System Call Integer Overflow
• AppleTalk Response Packet Parsing Array Over-indexing Vulnerability

More advisories.

Tools

• DDS Fuzzers
• NTLM Web Proxy
• JFuzz 2 Binary Protocol Analysis toolset
• Simple Stupid HTTP Daemon

More tools.

Publications

• Cloud Security Alliance: Top Threats to Cloud Computing V1.0
• IOActive: Improving RoI by Using an SDL
• Josh Pennell and Ward Spangenberg: Security Guidance for Critical Areas of Focus in Cloud Computing
• Dan Kaminsky: PKI Layer Cake: New Collision Attacks Against the Global X.509 CA Infrastructure

More publications.