November 15, 2018

Whitepaper Updates

Over the last few months we’ve updated our popular whitepapers.

We always appreciate feedback and suggestions on our whitepapers, please don’t hesitate to get in touch.

November 13, 2018

Cryptosense on the NoLimitSecu Podcast

I was the guest on the francophone infosec podcast NoLimitSecu this week, talking about TLS v1.3: why it’s important, how it’s different from previous versions of the protocol, and what real differences to security the new cryptographic design will make. Check it out and see if my French accent has improved.

Thanks to the regular podcasters for the warm welcome and the searching questions: Christophe Renard, Nicolas Ruff, Johanne Ulloa, Marc-Frederic Gomez, and Vladimir Kolla.

September 28, 2018

Updating our Cloud Crypto Provider Comparison

Our comparison of cloud crypto services is one of the most popular pages on our site, so we’re making an effort to keep it up to date as the “big three” providers announce new features. The latest update includes faster KMS speeds recently announced by Amazon, the PKCS#12 method for Bring-your-own-key that’s supported by Microsoft Azure (but not so easy to find details of), and the Google KMS support for asymmetric keys.

The latest version of the infographic is below. If you’re interested in integrating your application with cloud crypto services or cloud HSMs, you might want to check out our new cloud crypto whitepaper, where we compare in detail these services and various migration approaches.

cloud security comparison - AWS KMS, Google Cloud KMS, Microsoft Azure Key Vault

October 14, 2016

Crypto Risk Training in Paris, 5th December

We’ll be running a new training here at our offices in central Paris in December covering crypto flaws in applications.

Mention crypto flaws to many people and they will think of deprecated algorithms that pose a marginal risk, but crypto bugs in applications can lead directly to things like remote code execution, compromise of credentials and loss of data. We’ll show how this happens and how to avoid it. The training will include some examples of real flaws we’ve found recently using our Analyzer software.

Go to the event page to find the syllabus and how to sign up.

 

Try Cryptosense Analyzer for Free

October 3, 2016

Cryptosense Java Analyzer – Case Study with Primekey

PrimeKey Solutions develops and supports the most downloaded open source enterprise public-key infrastructure (PKI) software available, EJBCA. You can find out why they use Cryptosense Analyzer for Java in a case study we’re releasing today.

We already use a variety of tools to ensure software quality, but we see security as an area of continuous improvement, and Cryptosense tools give us a cryptography-focused view that other tools can’t provide. A strong statement in itself, given the fact that PrimeKey’s teams of engineers work day in and day out with cryptography.

Tomas Gustavsson, CTO PrimeKey


Download the PrimeKey Case Study

Try Cryptosense Analyzer for Free

June 24, 2016

Cryptosense Wins the “Assises de La Sécurité” Startup Prize 2016

We’re delighted to announce we’re the winners of this year’s “Prix De l’Innovation”, a security start-up prize awarded by Le Cercle, an association of French CISOs and consultants.

We were shortlisted on the basis our our written submission, then took part in the pitch competition last Thursday evening in Paris. The prize is a booth at the annual “Assises de la Sécurité” show in Monaco in October, France’s largest security trade show and conference.

If you’re coming too, let us know, we would be delighted to give you a personal demo of our tools for finding and fixing weaknesses in cryptography use by applications and infrastructure.

Get a 14-day Cryptosense Analyzer Trial

May 18, 2016

Richard Horne joins Cryptosense Advisory Board

We’re delighted to announce that Richard Horne is joining our advisory board today. Richard brings a wealth of experience in information security and complements our existing line-up of mentors and advisors.

You can read all about it in our press release, but here are a couple of quotes:

richard horne pwc

Cryptography is an increasingly critical area for security and many organisations are unknowingly exposed by vulnerable implementations of cryptography buried in their applications and infrastructure. Cryptosense has a unique capability to find crypto vulnerabilities and enable organisations to protect themselves against modern threats that increasingly target those vulnerabilities. It’s a pleasure to help the founders shape the product to have maximum impact.

– Richard Horne

We’re delighted to welcome Richard Horne to our advisory board. He is an authority on current information security issues, and his deep experience will help us make sure our crypto vulnerability discovery products meet and exceed their users expectations.

– Cryptosense co-founder and CEO Graham Steel

About Richard Horne

Dr. Richard A. Horne is a Cyber Security Partner for PwC UK, responsible for developing its range of Cyber Security services and taking them to market. Prior to joining PwC, Dr. Horne built and led the operational cyber security capabilities which protect Barclays retail and commercial banking systems and electronic data globally and was previously COO of Global IT Operations of Barclays Retail and Commercial Bank. Richard was seconded to the UK Cabinet Office for 2011, to help shape and drive the national plan for Cyber Security – both across government and the wider economy. He serves on a number of advisory boards (Nok Nok Labs among others) for academic institutions and technology startup companies in Cyber Security and he served on the advisory board of PGP Corporation prior to its acquisition by Symantec. Dr. Horne holds a Ph.D. in Mathematics from Royal Holloway, University of London, and has represented the UK on security matters to the OECD, the European Commission and the International Standards Organization.

Try Cryptosense Analyzer for Free

February 25, 2016

Cryptosense at RSA 2016

Cryptosense will be at the RSA Conference in San Francisco February 29-March 4. We’ll have a stand on the PKCS#11 booth (South Expo #821) where we’ll be running demos of our Security Tools. Find out how we detect vulnerabilities in PKCS#11 HSM configurations with our smart fuzzing tools and then apply them to the keys your application uses to check their security in the event of a breach.

We’ll also run demos of our Java Crypto Analyzer and we’ll have a special announcement about our Crypto Service Discovery tool on March 1st. To schedule a private meeting, get in touch.

 

Try Cryptosense Analyzer for Free

Try a Free 14-day Trial

Cryptosense Analyzer audits your applications and infrastructure to find vulnerabilities and understand your crypto landscape. Use it to optimise bug-fix resources and demonstrate compliance.
Start free trial