Wallarm security experts have conducted more than 200 security audits for banks, payment systems, internet companies, and other businesses worldwide.
We have nine years of experience and strong expertise in penetration testing, vulnerabilities discovery, and code analysis. Wallarm is trusted by many of Nasdaq and Fortune 500 companies for ensuring application security. Our security researchers have earned a number of bug bounty awards from the who’s who of the Internet, including Google, Facebook, Twitter, and Yandex.
Recently, several companies planning Initial Coin Offerings (ICO) have approached us to help secure these offerings. The strong interest in security is driven by the high risk of cybercrime and its severe financial impact. For instance, almost $15M or 10% of the entire value of Ethereum’s 2017 ICO investments were hijacked by bad agents, who either looked to establish control over ICO websites or to steal from coin buyers.
The service that Wallarm provides to ICO minters focuses on the security of the architecture, the event itself, and subsequent operations.
|Include ICO into the registry||Independent third-party verification available to all potential investors||“Verified by Wallarm” badge and verifiable registry entry|
|Smart contacts security review (including backdoors and business-related issues discovery)||Analysis and documentation of the smart token contract codebase for quality, security, and any possible discrepancies with the white paper||Smart Contract Audit Report|
|Network infrastructure discovery and audit (DNS, BGP, port scanning, and services discovery)||Generating a map of domains and IP addresses of all the assets, including online services under the same domain, utilizing dictionary domain scanning, regular and reverse DNS lookup, search engine indexes, and search across various public sources. Followed by port scanning and detecting services that are accessible on those ports.||Network Perimeter Discovery Report|
|Compliance security and configuration review (gold level and above)||Audit the software stack architecture security and configuration data. Detect possible vulnerabilities in the custom logic and underlying software stack.||Compliance Security Report|
|Penetration test (gold level and above)||Hybrid automated scanner and manual testing approach to detect vulnerabilities, assess risks, and suggest remediation steps.||Penetration Testing Report|
|ICO is searchable in the registry||Six months of service|
|Run-time protection of transactions and APIs by Wallarm’s AppSec solution||Six month protection by Wallarm Adaptive Application Security platform with Next Gen WAF||Attack and incident reports in the GUI|
|Proactive incident response by Wallarm team (platinum level only)||Risk assessment and managed incident response during ICO sales||Dedicated support contact during ICO|
|Extended contract for registry and Website Run-Time Protection||Additional six months of service|
|Marketing support||Approved press release template, professional security-related quotes for white papers|
|Premier marketing support||Custom industry-focused security chapter for the white paper|