Blockchain is Not

Inherently Secure

Blockchain and Digital Ledger Technology (DLT) provide a foundation for disruptive innovation across all sectors and industries. Its success, however, likely depends on whether security is assured at all stages of the solution lifecycle.

While records on a blockchain are well protected through cryptography, the code and cryptography underpinning blockchain architectures are often complex, with undiscovered flaws.  For many projects, security has taken a back seat as enterprises or inventors rush to become first to market. Flaws in the design or implementation of blockchain networks leave them open to exploitation. Passwords and keys can be appropriated and misused. The distributed nature of infrastructure, clouds, and trust relationships have been exploited.

Kudelski Security empowers enterprise adopters to build security and encryption into their blockchain solutions from the start, making integration of highly secure components seamless and straightforward. With over three decades of cryptography expertise, and some of the world’s foremost blockchain thought leaders, we will help you succeed at every stage of your blockchain implementation — from inception and design to architecture review and training.

Blockchain/DLT

Security Services

Security Audit, Assessment, and Validation

Security Architecture Review

Security Design and Implementation

Security Training

Case Studies

Blog

  • Microsoft Passwordless Authentication 101 
    by Chris Goosen on May 12, 2020 at 5:49 pm

    Passwords have long been a daily part of our lives, but in today’s modern, cloud-first world the use of passwords alone leaves us increasingly more vulnerable to compromise. Large-scale data breaches are being reported more and more frequently in the media with more than 80% of hacking-related breaches involving compromised or weak credentialsi.  Traditional password management  Traditionally, we overcame

  • You Suck at Office 365 Logging
    by Chris Goosen on May 4, 2020 at 3:23 pm

    One of the misconceptions about cloud services is that you have to surrender all control when you sign-up. While it is true that you may no longer have racks of servers with blinking lights humming away in your data center, it doesn’t mean that you no longer have any visibility into how your users use

  • An Introduction to Oblivious RAM (ORAM)
    by Tommaso Gagliardoni on April 22, 2020 at 3:13 pm

    In this article we are going to have a look at a special kind of privacy-preserving cryptographic scheme: ORAMs. The acronym ORAM stands for Oblivious

  • SWD part 3 – SWO and nRST
    by Nicolas Oberli on April 15, 2020 at 3:00 pm

    The SWD interface does not only consist of the SWDIO and SWDCK lines, but also has optional signals used in more specific cases. In this

  • 5 Common CFP Submission Mistakes for Security Conferences
    by Nathan Hamiel on April 2, 2020 at 3:00 pm

    Throughout my years on the review board for Black Hat, I’ve seen quite a few mistakes in submissions. Many of these mistakes are ones I’ve

In the Press

Let's Talk