Blockchain Security Services

Security Audit, Assessment, and Validation

How can I identify and address security flaws in my blockchain solutions?

Unfortunately, just like any other IT solution, blockchain architecture is not inherently secure. Strong security and cryptographic protocols must be built in from the start. When this doesn’t happen, blockchain solutions are just as susceptible to attack and abuse as any other piece of code, database, or in-house written application.

Solution

Just like a peer review for scientific studies, having your blockchain solutions audited for security is an essential part of the development process.

 

For software solutions, we use a combination of manual code review and automated techniques such as fuzzing and dynamic code testing to validate a blockchain application’s countermeasures against an untrusted computing base. Once our testing is complete, we provide you with a full cryptographic gap analysis and thorough breakdown of security and logic flaws in protocols, applications, and software-based crypto storage.

 

The Kudelski Blockchain Security Center also undertakes comprehensive audits to identify security vulnerabilities in hardware solutions such as crypto wallets, hardware security modules (HSMs) and any other custom hardware in the trusted computing base. Our experts highlight security flaws present in microchips and other embedded hardware in order to determine their overall level of security and identify possible improvements. Techniques include fault injection, side channel, photonic emission, invasive circuit editing, and HW/SW reverse engineering.

 

Finally, once all flaws have been uncovered, we help your security developers apply appropriate fixes to your platforms, protocols, apps, and networks. Once the process is complete, you’ll see a dramatic improvement in the security and scalability of your blockchain solutions.

Why Us

Since our inception, Kudelski Security has built a reputation on providing world-class security assessments. Our blockchain security center is staffed by leading security and cryptography experts, and we’ve developed rigorous methodologies for detecting hardware and software vulnerabilities in blockchain technologies.

To find out more about our blockchain security services, or to arrange a consultation, contact us today.

Blog

  • Google, IBM, and the Quantum Supremacy Affair Explained
    by Tommaso Gagliardoni on November 20, 2019 at 4:05 pm

    You have probably heard about some big announcement by Google on the topic of “quantum supremacy”, and maybe also about a rebuttal by IBM criticizing […]

  • Audit of Binance TSS-lib
    by Tommaso Gagliardoni on November 6, 2019 at 2:06 pm

    Binance created an open source software library available on Github implementing a threshold ECDSA signature scheme (TSS), and hired Kudelski Security to perform a security […]

  • Audit of KZen’s Multi-party ECDSA
    by Nathan Hamiel on November 4, 2019 at 3:36 pm

    KZen hired Kudelski Security to perform a security assessment of their Multi-party ECDSA library and provided us access to their source code and associated documentation. […]

  • Navigating Your First Month as a New CISO
    by John Hellickson on November 4, 2019 at 2:49 pm

    The single most important thing you can do is to start building the relationships and political capital you’ll need to run your security program. Here’s how. In any new job, it’s important to assess the lay of the land. But when you start a new CISO role — whether it’s your first or fifth — […]

  • The Office 365 Avenue of Approach
    by Mark Mattei on October 22, 2019 at 1:00 pm

    Threat actors, advanced persistent threats, and simple cybercriminals are always looking for the latest way to get in or take advantage of potential victims. An avenue of approach is defined as a route of an attacking force leading to its objective. The latest and easiest avenue of approach is Office 365. Since this capability is […]

In the Press

Let's Talk