Binary Analysis

How can you ensure your software is free of backdoors, is secure, and meets regulatory standards?

Software is often built using third-party components and libraries for which the source code is unavailable or is protected. If you can access the code, are you certain the binary was built from the same source?

Binary analysis is a necessary part of software security because it uncovers:

• Vulnerabilities introduced in the compilation processes
• Common weaknesses such as SQL injection, cross-site scripting, and buffer overflows
  
• Malicious content such as backdoors and rootkits that were added without the author’s knowledge

But, a deep investigation of binary software requires highly-specialized knowledge and tooling. Without the right expertise, the process can be slow, difficult to scale, and requires monumental effort after each new release or patch.

Our automated binary analysis:

• Identifies bugs in binary-only USB firmware
• Synthesizes inputs that trigger patched vulnerabilities
  
• Deobfuscates packed libraries
• Finds functions used inside the binary
• Uncovers authentication errors or backdoors
  
• Quantifies the difference between two binaries

Beyond automation, your Trail of Bits project team will explain any discovered issues and help you understand best practices for remediation. The result: fewer vulnerabilities and assurance that your software is as secure as it can be.

Blockchain Security

Blockchain is quickly becoming a more-secure way for organizations to transact. While decentralization and continuous verification make Blockchain inherently more secure than other software, it is, at its core, software attackers can exploit.

Applications built on Blockchain are susceptible to bugs, social engineering, malware, and more—all the same exploit concerns as other software you build, buy, or deploy.

Our Blockchain security assessments help you understand:

• Is it possible for an unauthorized party to gain administrative access to my smart contracts?
  
• Are tokens within the contract managed and stored correctly?
  
• Can participants manipulate bonding and transcoding protocols to gain an advantage?
  
• Are backdoors present? Does the code contain common errors?
  

Trail of Bits doesn’t just understand Blockchain security, we build industry-leading tools that find and help fix vulnerabilities. We are the leaders in smart contract security assessments and the security implications of the Solidity language, its compiler, and the Ethereum Virtual Machine.

Our tool offerings include:

• Manticore, a symbolic emulator capable of simulating complex multi-contract and multi-transaction attacks against EVM bytecode.
  
• Ethersplay, a graphical EVM disassembler capable of method recovery, dynamic jump computation, source code matching, and binary diffing.
  
• Slither, a static analyzer that detects common mistakes such as bugs in reentrancy, constructors, method access, and more.
  
• Echidna, a next-generation smart fuzzer that targets EVM bytecode. The Assurance team will apply their knowledge of these tools with expertise in static analysis, fuzzing and concolic testing, and design-level risks to ensure your smart contracts are free from vulnerabilities and that you have the right tools and knowledge to ensure long-term success.

Cryptography

Modern cryptography underpins all secure communication and collaboration. Correctly implemented, cryptography maintains the confidentiality and integrity of data in even the most extreme circumstances. However, this high level of assurance is fragile due to the mathematically complex nature of cryptographic security. Not only do the underlying libraries need to be flawless, but an incorrect combination of primitives or API calls can introduce subtle and dangerous vulnerabilities. Even well known protocols like Bluetooth have been compromised by incorrect use of cryptographic primitives.

Trail of Bits has extensive experience reviewing a variety of complex cryptographic libraries and protocols. We also pride ourselves on keeping up with the latest research in cryptography and cryptanalysis. We know where to look for bugs, and we know the classes of attack to protect against. Whether you’re building a key management system or developing a protocol that achieves confidential transactions through zero-knowledge proofs, we can certify your product has the protection guarantees you need. Count on us to:

• Review your implementation of an algorithm for mistakes that compromise its security
  
• Review your custom cryptographic protocol for theoretical mistakes that comprise its security guarantees
  
• Assess the use of your chosen cryptographic primitives for correctness within the context of your application
  
• Examine your cryptographic software for new or familiar side-channel attacks or other cryptographic attacks
  
• Write custom bug-finding tools and integrate them into your current test suite
  
• Develop new cryptographic software
  
• Implement or audit novel cryptography—such as post-quantum or zero-knowledge algorithms—in your existing codebase
  
• Our team of engineers will work with your developers on a spectrum of tasks ranging from finding bugs in existing code to building entirely new libraries that can be integrated into your codebase. We will work closely with you to develop a scope suited to your needs.
  

Deliverables will be custom to your situation and may include:

• Clear and actionable descriptions of cryptographic flaws in your software
  
• Exploit scenarios that provide context for the vulnerabilities
  
• A comprehensive plan for mitigating both individual bugs and entire bug classes
  
• Architectural and strategic guidance
  
• Testing artifacts, like custom fuzzers or static analysis scripts
  
• Long-form, well-researched writing on subtle or obscure areas of cryptography

Software Hardening

Rapid development lifecycles and out-of-date tools and techniques can lead to vulnerabilities in software that leave your organization open to exploits. Testing for logic flaws, memory errors, over-provisioned access, and more is necessary to reduce your organization’s attack surface.

Trail of Bits’ Assurance team assesses your software using a multi-point evaluation framework. Testing elements include:

• Compilation
  
• Source code management
  
• Static and dynamic testing
  
• Fuzzing
  

If your software passes, we will provide recommendations for continuous testing and improvement. If we find vulnerabilities, our Engineering team can work with you to bring your codebase up to the highest security standards and train your team on techniques and tools that Trail of Bits has built for continuous security improvement and attack surface reduction.

Cloud Native Security

We help our clients identify and harden environment-critical infrastructures so they can deploy production systems with confidence. To do this, we audit cloud configurations and architectures against best security practices through manual and automated reviews of cloud services and Infrastructure as Code files such as Terraform, CloudFormation, and Azure Resource Manager files.

Threat Modeling

Organizations spend hundreds of work hours to build applications and services that will benefit customers and employees alike. Whether the application/service is externally facing or for internal use only, it is mandatory to identify and understand the scope of potential cyber risks and threats it poses to the organization.

Can the software be reached from an external source? What is the likelihood that an attacker would want access to it? If the software were exploited, what impact would that have on the organization from a business, operational, and financial point of view?

These are just a few of the questions your company needs to ask as you’re building, deploying, and updating applications and services.

But where and how do you start with an accurate threat model?

Trail of Bits has developed a comprehensive threat model that:

• Proactively tests and identifies vulnerabilities and flaws in your software
  
• Analyzes the possible effects of those vulnerabilities to your organization
  
• Determines the probability of compromise
  
• Calculates a risk score
  
• Offers actionable remediation steps — for your internal or team to complete, or with Trail of Bits’ assistance