Cryptosense Analyzer Platform (CAP)
CAP looks deep inside applications to find information about the cryptography used by a client. This data is analyzed for vulnerabilities, certificate usage, and key lifecycle information.
Errors in the way that applications carry out cryptography can lead to compliance risks or data loss.
By ensuring that your applications are using cryptography securely, you can protect yourself against the damage caused by a data breach.
CAP’s unique tracing technology sees all the calls to the cryptographic libraries made by an application and provides a full inventory of the cryptographic operations used, including: algorithms, keys, key lengths, key storage, and libraries used for each operation.
CAP also shows you where in the stacktrace vulnerabilities or non-compliances have been found and suggests remediations. You can test against standards such as NIST or ENISA, or build your own policy. Testing can be automated in CI/CD.
For each vulnerability found, CAP explains in detail the level of risk in terms of the consequences of the attack, the level of expertise required to mount it, and the computing resources required.
In addition to risk assessment information, we provide instructions on how the problem can be resolved, whether by code changes, a library update or changes to configuration files
State-of-the-art IAST tool for finding and fixing cryptographic vulnerabilities in applicationsdownload