Software Engineering Institute

William Dormann

Software Engineering Institute

Will Dormann is an SEI alumni employee.

Will Dormann has been a software vulnerability analyst with Carnegie Mellon Software Engineering Institute's CERT Coordination Center (CERT/CC) since 2004. His focus area includes web browser technologies, ActiveX, and fuzzing. Will has discovered thousands of vulnerabilities through the use of fuzzing tools and other techniques.

Will Dormann

All

Tech Publications

Blog Posts

Podcasts

Videos

Attacking COM via Word RTF

March 30, 2021 • Presentation

By Will Dormann

It's Time to Retire Your Unsupported Things

October 23, 2019 • By Will Dormann

The Dangers of VHD and VHDX Files

September 4, 2019 • By Will Dormann

Expectations of Windows RDP Session Locking Behavior

July 29, 2019 • By Will Dormann, Joseph Tammariello

Death by Thumb Drive

July 16, 2019 • Presentation

By Will Dormann

More from William Dormann

Source Code Analysis Laboratory (SCALe)

April 1, 2012 • Technical Note

By Robert C. Seacord, Will Dormann, James McCurley, Philip Miller, Robert W. Stoddard, David Svoboda, Jefferson Welch

Source Code Analysis Laboratory (SCALe) for Energy Delivery Systems

December 1, 2010 • Technical Report

By Robert C. Seacord, Will Dormann, James McCurley, Philip Miller, Robert W. Stoddard, David Svoboda, Jefferson Welch

As-If Infinitely Ranged Integer Model, Second Edition

April 1, 2010 • Technical Note

By Roger Dannenberg (School of Computer Science, Carnegie Mellon University), Will Dormann, David Keaton, Thomas Plum (Plum Hall, Inc.), Robert C. Seacord, David Svoboda, Alex Volkovitsky, Timothy Wilson

Instrumented Fuzz Testing Using AIR Integers (Whitepaper)

February 1, 2010 • White Paper

By Roger Dannenberg (School of Computer Science, Carnegie Mellon University), Will Dormann, David Keaton, Robert C. Seacord, Timothy Wilson, Thomas Plum (Plum Hall, Inc.)

Vulnerability Detection in ActiveX Controls through Automated Fuzz Testing

January 1, 2008 • White Paper

By Will Dormann, Daniel Plakosh

More from William Dormann

It's Time to Retire Your Unsupported Things

October 23, 2019 • By Will Dormann

The Dangers of VHD and VHDX Files

September 4, 2019 • By Will Dormann

Expectations of Windows RDP Session Locking Behavior

July 29, 2019 • By Will Dormann, Joseph Tammariello

Life Beyond Microsoft EMET

August 29, 2018 • By Will Dormann

When "ASLR" Is Not Really ASLR - The Case of Incorrect Assumptions and Bad Defaults

August 3, 2018 • By Will Dormann

More from William Dormann

The Power of Fuzz Testing to Reduce Security Vulnerabilities

May 25, 2010 • Podcast

By Will Dormann, Julia H. Allen

More from William Dormann

Web Traffic Analysis with CERT Tapioca

November 30, 2015 • Webcast

By Will Dormann

Heartbleed: Analysis, Thoughts, and Actions

May 13, 2014 • Webcast

By Will Dormann, Robert Floodeen, Brent Kennedy, Bill Nichols, Jason McCormick, Robert C. Seacord

More from William Dormann