Skip to main content Skip to search

About A10 PSIRT Team

A10 PSIRT Team
A10 PSIRT Team

The A10 SERT Team is A10 Networks' Security Engineering Research Team.

Recent Posts By the Author

June 20, 2018

Application Load Balancer with Analytics for AWS GovCloud

A10 announces the immediate availability of its Harmony Controller SaaS with Lightning ADC for AWS GovCloud. A10 was invited to deliver the keynote address…

March 12, 2018

5 Ways IoT Threats Can Crumble Your DDoS Defenses

Distributed denial of service (DDoS) attackers have mastered the art of control when it comes to unsecured, connected devices, causing chaos and breeding…

March 7, 2018

Dawn of a New Threat: The IoT DDoS Invasion

The game has changed. Attackers now weaponize connected devices to launch destructive distributed denial-of-service (DDoS) attacks. Massive botnets can be created from these…

February 12, 2018

Avoid the SSL Encryption Shadow Monster: A Look at SSL Decryption

Freely Flowing SSL Encrypted Traffic The popular Netflix series “Stranger Things” – with all of its nods to 80’s sci-fi and nostalgia – is based…

February 9, 2017

HTTPS Interception and the Truth About Thunder SSLi Cipher Support

The A10 Networks Security Engineering Research Team recently reviewed the paper titled, “The Security Impact of HTTPS Interception,” which examines and grades the…

September 23, 2016

Patch Available for CVE-2014-8730 Padding Flaw

A10 Thunder ADC appliances running ACOS versions 2.7.2 P3 or earlier are susceptible to a TLS padding attack. The TLS padding flaw, identified…

June 10, 2016

CVE-2016-0270 GCM nonce vulnerability

Back in February we were contacted by Hanno Böck who had discovered an issue with how certain devices generate the nonce for AES-GCM…

January 31, 2016

OpenSSL Advisory from 2016-01-28

On January 28th, the OpenSSL project published an advisory which addressed CVE-2016-0701 (DH small subgroups) and CVE-2015-3197 (SSLv2 doesn’t block disabled ciphers). ACOS does not…

December 10, 2015

OpenSSL Advisory from 2015-12-03

On December 3rd, 2015, OpenSSL released a security advisory covering CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196 and CVE-2015-1794 across multiple version of OpenSSL. Out of…

July 9, 2015

CVE-2015-1793: OpenSSL Alternative chains certificate forgery

On July 9th, OpenSSL released a security advisory containing a single item with "high" severity. This vulnerability was introduced by OpenSSL version 1.0.1n/1.0.1o…