Larry Pesce

Larry Pesce, Director of Product Security Research & Analysis at Finite State, specializes in IoT security, penetration testing, & cybersecurity education.

Regulation

The EU Radio Equipment Directive (RED): A Deep Dive into Article 3.3 and Its Implications for IoT Manufacturers

Feb 14, 2025 4:34:45 PM 4 min read

Regulation

Executive Order 14144 Strengthens US Cybersecurity: What IoT Manufacturers Need to Know

Jan 24, 2025 12:31:47 PM 3 min read

Regulation

U.S. Cyber Trust Mark: What Manufacturers Need to Know About This Voluntary (but Valuable) Certification

Jan 16, 2025 2:50:18 PM 4 min read

Product Security

The Future of Connected Device Security Post CISA Guidance

Nov 13, 2024 6:21:34 PM 1 min read

IoT & OT

Expanding CISA’s Security Guidance Beyond OT/ICS: A Holistic Approach to IoT Security

Nov 6, 2024 11:55:12 AM 2 min read

Product Security

CISA's Product Security Bad Practices: Serious Implications for OT/ICS

Oct 28, 2024 9:15:00 AM 7 min read

What will the U.S. Cyber Trust Mark Certification Program look like?

Regulation

What will it look like as the U.S. Cyber Trust Mark Certification Program comes online?

May 30, 2024 10:53:02 AM 3 min read

Vulnerabilities

Uncovering the Critical Vulnerability in XZ Utils with Finite State

Apr 5, 2024 2:30:42 PM 3 min read

Cyber Trust Mark: Voluntary Cybersecurity Label for Smart Products

Regulation

FCC Launches Cyber Trust Mark, a Voluntary Cybersecurity Labeling for Smart Products

Mar 27, 2024 10:00:00 AM 3 min read

Vulnerabilities

Navigating the Terrain of Recent cURL Vulnerabilities: A Proactive Approach to Software Supply Chain Security

Oct 6, 2023 3:37:11 PM 3 min read

Vulnerabilities

Active Vuln Alert - Looney Tunables: Cause for Concern?

Oct 6, 2023 11:08:30 AM 3 min read

Vulnerabilities

Active Vulnerability Alert: The WebP Library Vulnerability (CVE-2023-4863): What you need to know

Sep 29, 2023 2:53:46 PM 4 min read

Vulnerabilities

Active Vuln Alert: OpenSSH

Jul 28, 2023 3:21:44 PM 3 min read

Software Supply Chain

Where the SLSA 1.0 Release Shines (and Its Limitations)

Apr 24, 2023 2:44:42 PM 4 min read

Emerging in IoT: The Matter IoT Protocol

IoT & OT

Emerging in IoT: Why Does It MATTER?

Mar 27, 2023 2:47:16 PM 10 min read

Load More Posts

Larry Pesce

Posts by Larry Pesce

The EU Radio Equipment Directive (RED): A Deep Dive into Article 3.3 and Its Implications for IoT Manufacturers

Executive Order 14144 Strengthens US Cybersecurity: What IoT Manufacturers Need to Know

U.S. Cyber Trust Mark: What Manufacturers Need to Know About This Voluntary (but Valuable) Certification

The Future of Connected Device Security Post CISA Guidance

Expanding CISA’s Security Guidance Beyond OT/ICS: A Holistic Approach to IoT Security

CISA's Product Security Bad Practices: Serious Implications for OT/ICS

What will it look like as the U.S. Cyber Trust Mark Certification Program comes online?

Uncovering the Critical Vulnerability in XZ Utils with Finite State

FCC Launches Cyber Trust Mark, a Voluntary Cybersecurity Labeling for Smart Products

Navigating the Terrain of Recent cURL Vulnerabilities: A Proactive Approach to Software Supply Chain Security

Active Vuln Alert - Looney Tunables: Cause for Concern?

Active Vulnerability Alert: The WebP Library Vulnerability (CVE-2023-4863): What you need to know

Active Vuln Alert: OpenSSH

Where the SLSA 1.0 Release Shines (and Its Limitations)

Emerging in IoT: Why Does It MATTER?

About Finite State