Cryptosense Analyzer Platform (CAP)
CAP contains a state-of-the art HSM fuzzer that reveals any vulnerabilities or errors in HSM implementations and configuration. Our PKCS#11 module shows you all the calls an application makes to the HSM, including all the keys that are stored there and how they are protected and used.
Hardware-based cryptography is a core technology for controlling risk in potentially hostile environments such as mobile, cloud and Internet of things.
However, choosing, configuring, deploying and securely using a cryptographic device like a Hardware Security Module (HSM) is far from simple. A small mistake in the details can lead to a complete loss of security.
Our adaptative mutation-based fuzzing engine explores the corner-cases of the PKCS#11 standard as implemented in the device under test. The results are passed through more than 100 compliance and vulnerability filters to detect anomalies and weaknesses like CVE-2015-5464 and CVE-2015-6924. This facilitates security testing of vendors equipment before procurement as well as evaluation of firmware updates and configuration changes.
Thanks to our experience testing PKCS#11implementations, we know where tolook for corner cases in the API. Our100+ compliance rules cover all the keymanagementfunctions and requirementson attributes detailed in easy-to-missfootnotes in the standard.
State-of-the-art tool for finding and fixing cryptographic vulnerabilities in PKCS#11download