Larry Pesce

Larry Pesce, Director of Product Security Research & Analysis at Finite State, specializes in IoT security, penetration testing, & cybersecurity education.

Posts by Larry Pesce

The Future of Connected Device Security Post CISA Guidance
the future of connected device security post CISA-guidance

The Future of Connected Device Security Post CISA Guidance

Nov 13, 2024 6:21:34 PM 1 min read
Expanding CISA’s Security Guidance Beyond OT/ICS: A Holistic Approach to IoT Security
Expanding CISA's security guidance beyond OT/ICS

Expanding CISA’s Security Guidance Beyond OT/ICS: A Holistic Approach to IoT Security

Nov 6, 2024 11:55:12 AM 2 min read
CISA's Product Security Bad Practices: Serious Implications for OT/ICS
CISA's product security bad practices

CISA's Product Security Bad Practices: Serious Implications for OT/ICS

Oct 28, 2024 9:15:00 AM 7 min read
What will it look like as the U.S. Cyber Trust Mark Certification Program comes online?
What will the U.S. Cyber Trust Mark Certification Program look like?

What will it look like as the U.S. Cyber Trust Mark Certification Program comes online?

May 30, 2024 10:53:02 AM 3 min read
Uncovering the Critical Vulnerability in XZ Utils with Finite State
Uncovering the Critical Vulnerability in XZ Utils with Finite State

Uncovering the Critical Vulnerability in XZ Utils with Finite State

Apr 5, 2024 2:30:42 PM 3 min read
FCC Launches Cyber Trust Mark, a Voluntary Cybersecurity Labeling for Smart Products
Cyber Trust Mark: Voluntary Cybersecurity Label for Smart Products

FCC Launches Cyber Trust Mark, a Voluntary Cybersecurity Labeling for Smart Products

Mar 27, 2024 10:00:00 AM 3 min read
Navigating the Terrain of Recent cURL Vulnerabilities: A Proactive Approach to Software Supply Chain Security
Navigating the Terrain of Recent cURL Vulnerabilities: A Proactive Approach to Software Supply Chain Security

Navigating the Terrain of Recent cURL Vulnerabilities: A Proactive Approach to Software Supply Chain Security

Oct 6, 2023 3:37:11 PM 3 min read
Active Vuln Alert - Looney Tunables: Cause for Concern?
Active Vuln Alert - Looney Tunables: Cause for Concern?

Active Vuln Alert - Looney Tunables: Cause for Concern?

Oct 6, 2023 11:08:30 AM 3 min read
Active Vulnerability Alert: The WebP Library Vulnerability (CVE-2023-4863): What you need to know
Active Vulnerability Alert: The WebP Library Vulnerability (CVE-2023-4863): What you need to know

Active Vulnerability Alert: The WebP Library Vulnerability (CVE-2023-4863): What you need to know

Sep 29, 2023 2:53:46 PM 4 min read
Active Vuln Alert: OpenSSH
Active Vulnerability Alert: OpenSSH

Active Vuln Alert: OpenSSH

Jul 28, 2023 3:21:44 PM 3 min read
Where the SLSA 1.0 Release Shines (and Its Limitations)
Where the SLSA 1.0 Release Shines (and Its Limitations)

Where the SLSA 1.0 Release Shines (and Its Limitations)

Apr 24, 2023 2:44:42 PM 4 min read
Emerging in IoT: Why Does It MATTER?
Emerging in IoT: The Matter IoT Protocol

Emerging in IoT: Why Does It MATTER?

Mar 27, 2023 2:47:16 PM 10 min read
Active Vuln Alert: cURL/libcurl
Active Vuln Alert: cURL/libcurl

Active Vuln Alert: cURL/libcurl

Mar 7, 2023 12:06:30 PM 3 min read