In just a couple of weeks, tens of thousands of students and professionals from all over the world will tune in to cheer on their favorite teams in six competitions. If you’ve been following our blog for some time, you’ll know just what we’re referring to: Cyber Security Awareness Week (CSAW), the nation’s largest student-run cyber security event.
Never let a good incident go to waste. Today, we’re using the OPM incident as an excuse to share with you our top recommendations for shoring up the security of your Google Apps for Work account. More than 5 million companies rely on Google Apps to run their critical business functions, like email, document storage, calendaring, and […]
Vulnerabilities have been discovered in Ruby applications with the potential to affect vast swathes of the Internet and attract attackers to lucrative targets online. These vulnerabilities take advantage of features and common idioms such as serialization and deserialization of data in the YAML format. Nearly all large, tested and trusted open-source Ruby projects contain some of […]
Today we are launching Empire Hacking, a bi-monthly meetup that focuses on pragmatic security research and new discoveries in attack and defense. Empire Hacking is technical. We aim to bridge the gap between weekend projects and funded research. There won’t be any product pitches here. Come prepared with your best ideas. Empire Hacking is exclusive. […]
We need to do more to protect ourselves. 2014 overflowed with front-page proof: Apple, Target, JPMorgan Chase, etc, etc. The current, vulnerable status quo begs for radical change, an influx of talented people, and substantially better tools. As we look ahead to driving that change in 2015, we’re proud to highlight a selection of our […]
For every security engineer you train, there are 20 or more developers writing code with potential vulnerabilities. There’s no human way to keep up. We need to be more effective with less resources. It’s time to make security a fully integrated part of modern software development and operations. It’s time to automate. This year’s THREADS […]
Cyber security is an increasingly complex and vibrant field that requires brilliant and driven people to work on diverse teams. Unfortunately, women are severely underrepresented and we want to change that. Career Discovery in Cyber Security is an NYU-Poly event, created in a collaboration with influential men and women in the industry. This annual symposium […]
A 2-day conference exploring state-of-the-art advances in security automation. We would like to share the call for papers for THREADS 2014, a research and development conference that is part of NYU-Poly’s Cyber Security Awareness Week (CSAW). Trail of Bits is a founding sponsor of THREADS. The final deadline for submissions is October 6th, but you […]
We’re proud to be a sponsor of the first Build it Break it programming contest, run by the University of Maryland (UMD) and supported by one of our own employees and PhD student at the university, Andrew Ruef. Build it Break it is a “flipped CTF” where contestants both implement secure software and identify vulnerabilities in […]
At Trail of Bits we are proud of our roots in academia and research, and we believe it is important to promote cyber security education for students of every academic level. We recently sponsored a High School Capture the Flag (CTF) event, we released a CTF Field Guide, and we are a regular part of […]
New York, NY (July 15th, 2014)—Veteran computer security researcher Nicholas DePetrillo has joined Trail of Bits, the New York-based security company, as Principal Security Researcher. Trail of Bits Co-founder and CEO Dan Guido announced the hire today. DePetrillo brings the headcount of the firm, which was founded by a team of three in 2012, to […]
Trail of Bits headquarters has moved! Located in the heart of the financial district, our new office features a unique design, cool modern decor, and an open layout that makes us feel right at home. With fast internet, well-appointed conference rooms, and comfortable work stations, we feel that this is a great place to grow […]
We are proud to have one of the only seven accepted funded-track proposals to DARPA’s Cyber Grand Challenge. Computer security experts from academia, industry and the larger security community have organized themselves into more than 30 teams to compete in DARPA’s Cyber Grand Challenge —- a first-of-its-kind tournament designed to speed the development of automated security […]
Free Online Coursework Allows Students, Professionals to Build Essential Offensive Security Skills New York, NY (May 20, 2014)–Security researchers at Trail of Bits today introduced the CTF Field Guide (Capture the Flag), a freely available, self-guided online course designed to help university and high school students hone the skills needed to succeed in the fast-paced, […]
Javelin shows you how modern attackers would approach and exploit your enterprise. By simulating real-time, real-world attack techniques, Javelin identifies which employees are most likely to be targets of spearphishing campaigns, uncovers security infrastructure weaknesses, and compares overall vulnerability against industry competitors. Javelin benchmarks the efficacy of defensive strategies, and provides customized recommendations for improving […]
