Staging server. Your account won't work here. Build: dev@Apr/11-15:14
Hardenize has joined Red Sift! Find out more in our blog post.

Hardenize Labs

Hardenize Labs is a section on our web site where we host our research projects. Sometimes we work on them for fun, or as part of a larger development effort. We hope that you will find some of them interesting.

Confusables: Detection of Phishing Hostnames in CT

With the introduction of mandatory Certificate Transparency support for all public certificates, the world gained a valuable repository of data. With this project, we mine all the available information to find evidence of phishing activity and other obfuscation in the DNS. We monitor all public certificates as they are issued, extract the hostnames from them, and analyze each name for obfuscation clues.  MORE »

Government Configuration Guidance

Recently we've been spending our time looking at the official configuration guidance for secure protocol configuration provided by various countries and government organizations. It is usually the case that such advice is binding, which naturally influences how services are configured. What became obvious is that this advice is not always easy to find, and that's why we've decided to publish our current list and to continue building it in public.  MORE »

Hardenize Policy New

Hardenize Policy is our new effort to address the root causes of slow adoption of new security standards. We believe that the sheer number of available standards, their complexity, and the fast pace of change is a significant barrier for many. Hardenize Policy aims to provide a single comprehensive guide, in a form designed for quick and efficient knowledge transfer. Our first installment covers security of email infrastructure, with additional documents to follow.  MORE »