Master your Cryptographic Infrastructure

Cryptosense enables development and deployment of crypto while ensuring compliance and security.

From 2011 to 2014, 17%* of crypto vulnerabilities in the CVE list were found in cryptographic libraries. The remaining 83% occurred in applications.

The 4-step Cryptosense approach to testing provides a holistic security solution for both libraries and applications.

 

Testing

Testing

A compliant cryptography provider is the first step towards a secure solution. Try our compliance tester for PKCS#11 APIs.

4 step icons2

Configuration

The implementation must be correctly configured by users to avoid vulnerabilities arising from combinations of commands which, when considered singly, are secure. Cryptosense software finds these combinations.

4 step icons3

App Tracing

Once the configuration is secure, the application has to make use of the interface in a secure way. Cryptosense App Tracer analyses the calls made to the crypto interface.

4 step icons4

Monitoring

Ongoing monitoring continually checks configurations and key usage, sending alerts if out of standard configurations are found. The solution can be tailored to suit system security policy and provide reports for audits.

 

 * “Why does cryptographic software fail? A case study and open problems” – David Lazar, Haogang Chen, Xi Wang, and Nickolai Zeldovich – Published at APSys ’14, June 25-26, 2014, Beijing, China.

The Cryptosense Software Suite

Smart Fuzzing

Our Compliance Tester is based on well-typed smart fuzzing. Paying attention to types ensures that test cases are meaningful.

Model Learning

Cryptosense Simulator constructs a logical model of the operation of each API function using our symbolic machine learning algorithm.

Model Checking

The model-checker uses a mixture of control-flow abstraction techniques and results from years of academic research to analyze system configuration, discovering and preventing attacks.

Product Information

Free demo version of Cryptosense Compliance Tester for PKCS#11. Make sure your PKCS#11 implementation covers every detail.

See how Cryptosense software imitates an intelligent attacker to find and prevent attacks on your specific installation.

Ensure your secured infrastructure stays that way with Cryptosense Monitor.

Cryptosense PKCS#11 Compliance Tester

Try a demo - runs on Linux and Windows