Blockchain is Not

Inherently Secure

Blockchain and Digital Ledger Technology (DLT) provide a foundation for disruptive innovation across all sectors and industries. Its success, however, likely depends on whether security is assured at all stages of the solution lifecycle.

While records on a blockchain are well protected through cryptography, the code and cryptography underpinning blockchain architectures are often complex, with undiscovered flaws.  For many projects, security has taken a back seat as enterprises or inventors rush to become first to market. Flaws in the design or implementation of blockchain networks leave them open to exploitation. Passwords and keys can be appropriated and misused. The distributed nature of infrastructure, clouds, and trust relationships have been exploited.

Kudelski Security empowers enterprise adopters to build security and encryption into their blockchain solutions from the start, making integration of highly secure components seamless and straightforward. With over three decades of cryptography expertise, and some of the world’s foremost blockchain thought leaders, we will help you succeed at every stage of your blockchain implementation — from inception and design to architecture review and training.

Blockchain/DLT

Security Services

Security Audit, Assessment, and Validation

Security Architecture Review

Security Design and Implementation

Security Training

Case Studies

Blog

  • Tips From Over A Decade of Working Remotely
    by Nathan Hamiel on March 25, 2020 at 4:00 pm

    The presence of COVID-19 has led to some unprecedented times. With a large portion of the workforce now working from home, there are numerous security implications that arise. Our previous post is an extensive FAQ that covers everything you need to know about the cybersecurity concerns and how to address them. Today, we’ll dive into […]

  • Microsoft Type 1 Font Parsing Critical 0-Day Remote Code Execution Vulnerabilities
    by Kudelski Security Team on March 24, 2020 at 9:16 pm

    Summary On March 23rd, 2020 Microsoft publicly disclosed the existence of two critical 0-Day vulnerabilities in all recent versions of the Microsoft Windows operating system. Microsoft is aware of limited targeted attacks that leverage these 0-Day vulnerabilities and has provided guidance on how to temporarily mitigate the exploitation of these unpatched vulnerabilities. Patches for these […]

  • Cybersecurity Concerns with COVID-19
    by Kudelski Security Team on March 18, 2020 at 10:53 pm

    We are having increasing numbers of conversations with clients about cybersecurity and business continuity challenges resulting from the rapid adoption of work-from-home scenarios to combat the spread of COVID-19. Clients are interested in cybersecurity policy updates to improve remote access, and asking for increased employee education around BYOD security, secure WiFi use, basic security hygiene, […]

  • Security Advisory: Microsoft Server Message Block 3 (SMBv3) Remote Code Execution Vulnerability
    by Francisco Donoso on March 12, 2020 at 9:10 am

    Updated on March 12th, 2020: to reflect that Microsoft has now made a patch for the vulnerability available. As such, we’ve updated the advisory reflects updated mitigations.    Summary  On March 10th, a critical Remote Code Execution (RCE) vulnerability in the Microsoft Server Message Block (SMBv3) protocol was inadvertently disclosed. The vulnerability, known as CVE-2020-0796, is caused by how newer Windows operating systems handle certain requests, specifically compressed SMBv3 packets. Microsoft intended to release a patch for this […]

  • Differential privacy: a comparison of libraries
    by Nils Amiet on March 11, 2020 at 3:00 pm

    Note that this article is a hands-on, applied, comparison and does not try to explain all the details of differential privacy. For more background information […]

In the Press

Let's Talk