Other Topics - Duo Security

Every year during the holiday season, SANS publishes their annual Holiday Hack Challenge. These challenges are a great way to learn new and useful exploitation techniques to solve fun puzzles. Duo Labs’ Jordan Wright put together an in-depth article ...

Calling all healthcare organizations, providers, hospitals and business associates - are you ready for the HIPAA security audits coming in 2017? The governing body that enforces the Health Insurance Portability and Accountability Act of 1996 (HIPAA),...

Hey there Duo Community! I’ve got a new blog post up about traveling this holiday and keeping your tech safe. Feel free to ask any questions and we’ll put together a great and timely response (we’ll make up something and hope it makes sense). We hope...

@mkorovesisduo has created two brand-new video documentation for our Cisco ASA SSL VPN application. These are live on our documentation pages at Duo for Cisco AnyConnect VPN with ASA or Firepower | Duo Security and https://duo.com/docs/cisco-alt. Not...

In the past several years, retail data breaches have become so commonplace that they’re hardly news anymore. From Target to TJ Maxx to Vera Bradley, nearly everyone has been affected by retail fraud and data breaches at this point. As we buy our way ...

In late July 2016, SMS was formally declared undesirable and not recommended by National Institute of Standards and Technology (NIST). While not enough time has passed to draw a definitive conclusion, it appears Duo SMS-based authentications have not...

Keeping current in infosec can be challenging. There are countless security projects under development at any given time and it’s impossible to for the average person to keep track of them all. Duo Labs’ Mikahil Davidov lays out four projects to keep...

There’s a significant shift in how organizations are viewing information security, according to The Global State of Information Security Survey 2017 (PDF) from PricewaterhouseCoopers (PwC). This blog by Duo’s Thu Pham highlights some of the major tre...

One of the largest mobile network providers in the U.K. has confirmed that information about more than 100k customers were compromised following a data breach due to stolen employee credentials. While no financial information was accessed, contract a...

We’ve put together an easy-to-read, one-page guide to help customers and their users understand why Duo Push is the best way to authenticate. The pdf is hosted here and here’s a Knowledge Base article that provides some context around the guide. Whil...

Today, we released a new API client for the Swift Programming language on GitHub. We’d love for you to try it out! At Duo Security, we believe in democratizing security. We do this by delivering easy-to-use security technologies to our customers and ...

This year’s election was marred with stories of Russian hacks. Whether or not you agree that the hacking and leaking of information had any substantive effect on the outcome of the race, we can all agree that many foreign hackers may feel emboldened ...

SC Magazine reports iPhone users have been hit by a large scale SMS phishing campaign. Our own Steve Manzuik, director of security research at Duo Security, said Apple now provides two-factor authentication, and users should enable and use it. “In ad...

Is it possible to use Google’s 2FA in front of Duo? Or would it be better to ditch Google’s and go with Duo? Obviously, Google’s we already pay for, so there’s no additional cost involved.

In this modern age of security, trusting your users is not enough – you must also establish trust in all devices across your ecosystem. The best way to establish trust in your users’ devices is to use hardware-backed cryptographic properties, but how...