Security Articles

  • security-champions-1

    Scaling LinkedIn's Security Champions Program

    April 26, 2018

    Co-authors: Pavi Ramamurthy and Angel Liu   Three years ago, LinkedIn was looking to boost its internal security initiatives and encourage engineers to develop expertise in this crucial area. While there were many off-the-shelf certification programs available, we found that the best way to achieve these goals was to create an in-house Security Champions Program...

  • phishing-1

    How LinkedIn is Working to Address Confusion Between Vendor Email and Phishing Attacks Throughout the Industry

    February 15, 2018

    Companies have been warning their employees about phishing and trying to train them to detect these attacks for the past decade. But companies have been hiring vendors who send email messages to their employees that look like phishing attempts for even longer, which increases employee confusion and risk to the business. This blog post will provide sample...

  • featuredimage7

    Open Sourcing Jaqen, A Tool For Developing DNS Rebinding PoCs

    July 27, 2017

    Editor’s note: Members of the information security team at LinkedIn have an opportunity to work on research topics under a well-defined framework that allows them to evaluate new products and technologies, as well as explore the related threat surface. The team strives to find new and innovative ways to help simplify and strengthen security and contribute back...

  • Salary Explorer screenshot

    Bringing Salary Transparency to the World

    November 2, 2016

    This blog post was updated on June 15, 2017 Coauthor: Santosh Kumar Kancha There are any number of different factors that go into a...

  • Same Origin Method Execution Diagram

    Finding Same Origin Method Execution Vulnerabilities

    October 19, 2016

    This summer I had the privilege of interning on LinkedIn’s House Security team. During this period I was tasked to analyze the details...

  • Open Sourcing URL-Detector

    June 30, 2016

    Today, we’re excited to share that Linkedin is open-sourcing our URL-Detector Java library. LinkedIn checks hundreds of thousands of...