Security audits

Mae_Hill · April 23, 2023, 1:18pm

Dear all, I would like ask who does your security audits? Thanks

Connor_Howard · April 30, 2023, 8:02pm

I contact Blaize Tech

Jessysaurusrex · May 2, 2023, 7:15pm

It depends on what needs to be assessed! The range of services and expertise across vendors is not a one-size-fits-all thing, and throughout my time contributing to Cosmos I have evaluated a pretty hefty list of assessment firms who are good at different things.

What are you wanting to have audited? Knowing language, and what the thing is (an SDK module, a smart contract, etc.) helps with the matchmaking process. Though the initial set of security assessments of various Cosmos components (2017-2019) included NCC Group, Include Security, Kudelski Security, Least Authority, and Trail of Bits, the market for services (and willingness of firms to look at blockchain code) is much different than it was just a few years ago.

jacobgadikian · May 5, 2023, 5:49pm

That’s a fantastic answer Jesse!

I would also like to say that notional has begun to offer audit services, although this does depend as you exactly said, on what the needs of the audit are.

system · May 19, 2023, 5:49pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SDK security considerations Security	1	696	October 1, 2019
Security & Clean Code Audit Report of Cosmos-SDK Code Miscellaneous	0	497	October 18, 2019
Building Trust in the Cosmos Ecosystem Conversation	1	164	February 26, 2024
Proof of Authority module Cosmos-SDK	0	723	February 8, 2022
Security Bug Bounty on Function X (Cosmos-SDK) Security	2	426	June 7, 2023

Security audits

Related Topics