New Duo research: Weak Apple DEP Authentication Leaves Enterprises Vulnerable to Social Engineering Attacks and Rogue Devices


Over the last few months, Duo Labs has been researching the security of Apple’s Device Enrollment Program (DEP). In this research, Duo Labs discovered an authentication weakness in DEP, used by many organizations to automatically enroll devices in their Mobile Device Management (MDM) server. Simply put, enterprises use DEP to bootstrap the provisioning of Apple devices.

Learn more in the blog and full report.