Will Dormann

Will Dormann is an SEI alumni employee.

Will Dormann has been a software vulnerability analyst with Carnegie Mellon Software Engineering Institute's CERT Coordination Center (CERT/CC) since 2004. His focus area includes web browser technologies, ActiveX, and fuzzing. Will has discovered thousands of vulnerabilities through the use of fuzzing tools and other techniques.

Attacking COM via Word RTF

March 30, 2021 • Presentation

It's Time to Retire Your Unsupported Things

October 23, 2019 • Blog Post

The Dangers of VHD and VHDX Files

September 4, 2019 • Blog Post

Expectations of Windows RDP Session Locking Behavior

July 29, 2019 • Blog Post

Death by Thumb Drive

July 16, 2019 • Presentation

Source Code Analysis Laboratory (SCALe)

April 1, 2012 • Technical Note

Source Code Analysis Laboratory (SCALe) for Energy Delivery Systems

December 1, 2010 • Technical Report

As-If Infinitely Ranged Integer Model, Second Edition

April 1, 2010 • Technical Note

Instrumented Fuzz Testing Using AIR Integers (Whitepaper)

February 1, 2010 • White Paper

Vulnerability Detection in ActiveX Controls through Automated Fuzz Testing

January 1, 2008 • White Paper

It's Time to Retire Your Unsupported Things

October 23, 2019 • Blog Post

The Dangers of VHD and VHDX Files

September 4, 2019 • Blog Post

Expectations of Windows RDP Session Locking Behavior

July 29, 2019 • Blog Post

Life Beyond Microsoft EMET

August 29, 2018 • Blog Post

When "ASLR" Is Not Really ASLR - The Case of Incorrect Assumptions and Bad Defaults

August 3, 2018 • Blog Post

The Power of Fuzz Testing to Reduce Security Vulnerabilities

May 25, 2010 • Podcast

Web Traffic Analysis with CERT Tapioca

November 30, 2015 • Webcast

Heartbleed: Analysis, Thoughts, and Actions

May 13, 2014 • Webcast