Papers by Recurity Labs
- Software Security is Software Reliability
Communications of ACM, Volume 49, Issue 6, June 2006
Note: a somewhat bad article, since the original paper had to be cut down to less than half of it's size and the editor(s) requested the wrong parts to stay in. The original draft can be found here. - Recurity_Labs_Whitepaper_Cisco_Forensics.pdf
Whitepaper covering Cisco IOS forensic developments, released at BlackHat Briefings Washington DC 2008. - Recurity_Labs_Whitepaper_Blitzableiter.pdf
Whitepaper about the rationale behind Blitzableiter, released for BlackHat Briefings USA 2010. - Fabs_VulnerabilityExtrapolation_Thesis2011.pdf
Fabian 'Fabs' Yamaguchi: "Automated Extraction of API Usage Patterns from Source Code for Vulnerability Identification" - Lindner_Gaycken-Back-to-Basics.pdf
Lindner, FX & Gaycken, S. 2014, 'Back to Basics: Beyond Network Hygiene', Best Practices in Computer Network Defense: Incident Detection and Response, M.E. Hathaway (Ed.), pp. 54-64
doi:10.3233/978-1-61499-372-8-54
See also the respective NATO Newsroom page
Presentations by Recurity Labs
- Selling LangSec - a marketing training given at IEEE S&P
Selling LangSec presented at the LangSec workshop at the IEEE Security and Privacy Workshops 2014. - Apple vs. Google Client Platforms and the Cloud context
Apple vs. Google Client Platforms presented at BlackHat Europe 2012. - Vulnerability Extrapolation "Give me more bugs like that"
Vulnerability Extrapolation presented at BlackHat USA, August 2011. - Blitzableiter Release (BETA) - Countering Flash Exploits
The Blitzableiter BETA Release talk presented at BlackHat USA, July 2010. - Defending the Poor - Countering Flash Exploits
Defending the Poor - Countering Flash Exploits at BlackHat Europe, April 2010. - Defending the Poor - Countering Flash Exploits
Defending the Poor - Countering Flash Exploits at 26C3, December 2009. - Router Exploitation
Router Exploitation Talk improved version, given a couple of times in 2008, eg. Excalibur Con, Confidence 2.0. - Recurity Labs on TCP Vulnerabilities
TCP Vulnerabilities at 25C3, December 2008. - Recurity Labs PortBunny, DEFCON 16
Recurity Labs PortBunny at DEFCON - BlackHat Briefings, Las Vegas 2008
RecurityLabs_Developments_in_IOS_Forensics_USA08.pdf - BlackHat Briefings, Washington DC 2008
RecurityLabs_Developments_in_IOS_Forensics.pdf - 24C3 - Recurity Labs PortBunny, Berlin 2007
Recurity Labs PortBunny Presentation at the 24th Chaos Communication Congress, Berlin, Germany. - Hackers vs. Academia, 2nd International Workshop on Secure Information Systems (SIS'07) October 2007, Wisla, Poland
Joern Bratzke's Presentation: RecurityLabs_Academia_vs_Hackers.pdf