Security News: Code Audits

Code audit reports for clients who wanted our findings published.

Recent Code Audits Performed by Paragon Initiative Enterprises

  • 2016-04-04 Bytejail Core Audit

    The Bytejailcore audit is our most comprehensive investigation to date, and we are happy to say that we did not find any security-affecting vulnerabilities or cryptographic weaknesses.

  • 2016-04-04 Bytejail Client Audit

    Our investigation of the Bytejail client software did not uncover any security vulnerabilities, cryptographic weaknesses, or anything resembling a backdoor. User's sensitive credentials are never transmitted, and even error messages are anonymized and encrypted before they are sent to the developers.

  • 2016-04-04 Bytejail Backend Audit

    After a comprehensive code review of the TahoeSmart and TahoeWorker projects, we did not identify any security vulnerabilities in either project. However, our investigation did uncover a few helper classes that could benefit from security enhancements.

  • 2016-04-04 Bytejail Console Audit

    After reviewing the Bytejail console source code, we have identified three security issues: one of medium severity and two of low severity. All three are related to cryptography and believed to be difficult for an attacker to exploit.

  • 2016-01-03 Luís Cobucci's JWT library Audit

    We did not find any security vulnerabilities in the JWT library itself; however, we did find a previously undiscovered cryptographic vulnerability in one of its dependencies.

  • 2015-07-23 NaclKeys Audit

    Paragon Initiative Enterprises conducted a comprehensive code review of the NaclKeys project and discovered no security vulnerabilities.


Need Technology Consultants?

Will tomorrow bring costly and embarrassing data breaches? Or will it bring growth, success, and peace of mind?

Our team of technology consultants have extensive knowledge and experience with application security and web/application development.

We specialize in cryptography and secure PHP development.

Let's Work Together Towards Success

Our Security Newsletters

Want the latest from Paragon Initiative Enterprises delivered straight to your inbox? We have two newsletters to choose from.

The first mails quarterly and often showcases our behind-the-scenes projects.

The other is unscheduled and gives you a direct feed into the findings of our open source security research initiatives.

Quarterly Newsletter   Security Announcements