Security Research

We like to push the boundaries of security: Our team is dedicated to continuously advancing the forefront of research in the realm of hacking. We have presented talks and papers at renowned conferences, participated in top hacking competitions such as DefCon CTF, or Pwn2Own, and have multiple team members pursuing their PhD.

Recent Research

Stay up-to-date on our latest research

We continuously publish new research papers, CVE's, and detailed technical blogposts. Keep up to date by following our blog closely! Here's a glimpse of what we've been doing recently:

Disclosure Policy

We take responsible disclosure seriously.

We adhere to an industry-standard 90+30 disclosure policy. This means once we notify the vendor about a security vulnerability, they have 90 days to create a patch and make it available for users. Neodyme will publicly disclose vulnerability details 30 days after the patch has been made available to users. If the vendor does not patch an issue within the initial 90 days, Neodyme reserves the right to publicize details of the vulnerability at the end of the 90-day period. However, the vendor has the option to receive an additional 14 day grace period to release a patch upon request. In such a case, Neodyme will publicize vulnerability details 120 days after the initial disclosure. This policy is inspired by the Google Project Zero disclosure policy.

Secure your business.
Take the right step today.

You like our research and would like to collaborate with us? Contact us today!