Testing Cryptographic Security in your Applications

Cryptosense provides state-of-the-art analysis software to help some of the world’s largest organizations eliminate the vulnerabilities caused by crypto misuse in their applications and infrastructure.

 

Detect and correct flaws due to crypto misuse in your applications

Cryptosense Analyzer gives you an extensive inventory of the crypto used in your application and identifies vulnerabilities resulting from it. It then gives remediations to fix these flaws.

Find key-management flaws, password-storage errors, weak algorithms/short keys, randomness issues, poor nonce management, vulnerable composition of operations, and more.

Screenshot

Cryptosense Analyzer can help you master crypto risk in your Java, PKCS#11 and OpenSSL applications.

 

Test your applications

Request a demo of Cryptosense Analyzer to see how you can use it to test your applications and infrastructure, understand your crypto landscape, and optimise bug-fix resources.

Cryptosense Analyzer finds issues such as:
– Weak crypto in a graphics library leading to Remote Code Execution
– Legacy sized keys inadvertently deployed in production
– Low entropy key derived from ASCII encoding of UUID

Request a demo

We use Calendly so that you can have a demo at a time that suits you

 

Use Cases

1. Automate crypto vulnerability assessment

Quickly understand the vulnerability landscape of an application or HSM without painstaking manual analysis. Track crypto KPIs, reduce time spent on remediations, and ensure that correct policy is being followed.

2. Faster, more cost effective audits

Efficiently prepare for audits by eliminating vulnerabilities in advance. Optimise crypto expertise resources by only treating real findings – not false positives.

3. Migrate sensitive applications securely

Understand the cartography of the crypto in your application. Ensure security is maintained as you rearchitect, switch libraries, or deploy applications in the cloud.

“SAST does not go as far as Cryptosense is the detailed analysis of crypto calls. The value is in the relevance of findings. One can see many more things with Cryptosense than with SAST.”

International PKI Software Company

Cryptosense is:

A unique rule base, proprietary algorithms and a patent-pending analysis method.

Our team is headed by Dr. Graham Steel, who has more than fifteen years experience in crypto research.

Cryptosense software is based on technology developed by Graham whilst working with some of the world’s leading applied crypto labs. Our rules and algorithms are constantly updated thanks to internal R&D and on-going partnerships with labs in the research community.

We have published White Papers on several subjects including Java Crypto and Securing HSMs.

Cryptosense is based in Paris, France. The company was started in 2013. We are VC funded.

 

Download Java Crypto Security Whitepaper

Find out how to find and fix crypto vulnerabilities in Java