Cryptosense Analyzer

Automated cryptographic security auditing for applications

5 /5 (1 review) Write a Review!

Cryptosense Analyzer Overview

What is Cryptosense Analyzer?

Cryptosense Analyzer is a cryptography audit software solution for analyzing the cryptography use within business applications and identifying any security flaws. Available as a SaaS or on-premise product with annual license subscriptions per application, Cryptosense Analyzer is compatible with Java, OpenSSL and PKCS#11 with .NET API support also coming soon. With modern business apps increasingly using cryptography and cryptographic operations more broadly for password storage and database field encryption etc, the complexity of these developments leaves them vulnerable to cryptography security flaws. Cryptosense Analyzer essentially finds these flaws within apps and infrastructures, before guiding on how they can be fixed, optimizing bug fixing resources and also demonstrating a level of security compliance to all stakeholders.

Cryptosense Analyzer operates around a "crypto cartography" approach to tracing all crypto library calls made by an application, whether from framework components and/or libraries. The software then produces a summary report on all traced operations to highlight weak algorithms, vulnerable passwords, insufficient key lengths and much more. These reports or Cryptosense Maps are beneficial to proving compliance with standards such as FIPS and PCI-DSS, while aiding the planning of any crypto-related changes. Other notable features include over 45 configurable cryptographic rules, pre-configured profiles for testing against NIST / ENISA standards policies, multiple user profile creation, LDAP integration and also the provision of expert technical support for interpreting the software's findings.

Cryptosense Analyzer Overview

Pricing

Starting from
US$595,00

Pricing options

Free Trial
Subscription
Value for money

14-day trial available.

Standard = $595 per month, per app ($795 per month if paid annually)
Preimium = $1195 per month, per app ($1595 per month if paid annually)
Premium+ = $1495 per month, per app ($1949 per month if paid annually)
Enterprise = Quote available on request


Cryptosense Analyzer Features

Devices
Business size
S M L
Markets
United States, Canada, Australia, China, India and 4 others, Japan, Germany, Brazil, Mexico
Supported Languages
English

Media

Project traces can be uploaded to Cryptosense, NIST or ECRYPT profiles for the purpose of generating reports
A typical failed summary, detailing an example of 9 rule exceptions identified, flagged and described for further address
A developer view onto found flaws locates where and when calls are made within the application code, suggesting general remediations for fixing
Key lengths dialog with slider controls for setting high, medium and low criticality thresholds for symmetric and RSA keys
Available as a SaaS or on-premise installation, Cryptosense Analyzer automates cryptographic auditing for finding security flaws in Java, OpenSSL and PKCS#11 applications
Cryptosense Analyzer screenshot: Project traces can be uploaded to Cryptosense, NIST or ECRYPT profiles for the purpose of generating reports Cryptosense Analyzer screenshot: A typical failed summary, detailing an example of 9 rule exceptions identified, flagged and described for further address Cryptosense Analyzer screenshot: A developer view onto found flaws locates where and when calls are made within the application code, suggesting general remediations for fixing Cryptosense Analyzer screenshot: Key lengths dialog with slider controls for setting high, medium and low criticality thresholds for symmetric and RSA keys Cryptosense Analyzer screenshot: Available as a SaaS or on-premise installation, Cryptosense Analyzer automates cryptographic auditing for finding security flaws in Java, OpenSSL and PKCS#11 applications

Cryptosense Analyzer Reviews

Cryptosense Analyzer Reviews

Overall rating
5
/
5
Excellent
1

Very good
0

Average
0

Poor
0

Terrible
0

Value for Money
4
Features
4
Ease of Use
4
Customer Support
5
100% recommended this app
Krzysztof F.

Cryptosense scanning

We have used the Cryptosense analyzer to assess the strength of our cryptography which we use in the product


Krzysztof F.
Industry: Information Technology & Services
Company size: 1 001-5 000 Employees

Cryptosense scanning

Used Other for Free Trial
Reviewed on 2018/08/08
Review Source: Capterra

We have used the Cryptosense analyzer to assess the strength of our cryptography which we use in the product

Pros

- Very accurate findings
- The recommendations are straightforward and cannot be misinterpreted. In some cases they are very useful to evaluate the real impact on the software
- This type of scanning allows to catch all types of cryptography calls in JVM, not only the one that originate directly from the application, but also that are triggered indirectly by a middleware
- Low ration of false positives

Cons

- The size of the traces for products that do a lot of cryptography calls can be problematic, it can be too big for producing the report (this was however quickly resolved by excellent support)
- There was no direct support for Cloud vendors solutions around key management (e.g. AWS KMS), however some of the Cloud services uses standard Java Cryptography API and hence we would able to identified some findings and the Cryptosense team is working to add this type of support

Rating breakdown

Value for Money
Ease of Use
Customer Support

Likelihood to recommend: 8.0/10

User recommendation
8/10
Based on 1 user ratings
Compare user recommendation rating with alternatives
Compare with alternatives

Cryptosense Analyzer Pricing

Cryptosense Analyzer Pricing

Starting from
US$595,00
Free Trial
Subscription
Value for money

14-day trial available.

Standard = $595 per month, per app ($795 per month if paid annually)
Preimium = $1195 per month, per app ($1595 per month if paid annually)
Premium+ = $1495 per month, per app ($1949 per month if paid annually)
Enterprise = Quote available on request

14-day trial available.

Standard = $595 per month, per app ($795 per month if paid annually)
Preimium = $1195 per month, per app ($1595 per month if paid annually)
Premium+ = $1495 per month, per app ($1949 per month if paid annually)
Enterprise = Quote available on request

Value for Money
4/5
Based on 1 user ratings
Compare value for money rating with alternatives
Compare with alternatives

Cryptosense Analyzer Features

Cryptosense Analyzer Features

API
Access Control
Activity Dashboard
Activity Tracking
Alerts / Escalation
Auditing
Authentication
Compliance Management
Monitoring
Password Management
Policy Management
Real Time Monitoring
Reporting & Statistics
Risk Alerts
Secure Data Storage
Single Sign On
Third Party Integration
Two-Factor Authentication
User Management
Vulnerability Scanning
Features
4/5
Based on 1 user ratings
Compare features rating with alternatives
Compare with alternatives

Categories

Additional information for Cryptosense Analyzer

Additional information for Cryptosense Analyzer

Key features of Cryptosense Analyzer

  • Active Directory integration
  • Application security
  • Asset discovery
  • Auditing
  • Compliance documentation
  • Compliance management
  • Compliance reporting
  • Crypto cartography
  • Custom URL
  • Custom rules
  • Customizable branding
  • Debugging
  • Email attachment protection
  • Event relationship diagrams
  • IP protection
  • Internet usage monitoring
  • Intrusion detection system
  • LDAP integration
  • Multiple user accounts
  • PCI assessment
  • Password management
  • Prioritization
  • Project management
  • REST API
  • Reporting & statistics
  • Risk management
  • Security auditing
  • Software testing
  • Summary reports
  • User management
  • Vulnerability assessment
  • White labelling

Benefits

  • Cryptosense Analyzer is SaaS-based or on-premise auditing software for analyzing the use of cryptography within applications, identifying flaws and suggesting how they can be fixed to improve security.
  • The software supports API's including Java (JCE/JCA/Bouncycastle), OpenSSL (libssl, libcrypto), PKCS#11, with .NET support also in development, to follow.
  • Typical types of flaws findable by Cryptosense include weak cryptographic keys, algorithms, passwords and password-based key derivation, the incorrect choice of parameters, use of randomness etc and more.
  • Support provision includes access to the Cryptosense Knowledge Base with documentation for interpreting the software's analysis, helping those not versed in cryptography to understand the results.
  • Cryptosense boasts a false positive rate of less than 1 per 1000 in the pinpointing of genuine vulnerabilities, with Enterprise package holders permitted to add custom cryptography rules into the software for bespoke detection.
  • Cryptosense Analyzer FAQs

    Cryptosense Analyzer FAQs

    Below are some frequently asked questions for Cryptosense Analyzer.

    Q. What type of pricing plans does Cryptosense Analyzer offer?

    Cryptosense Analyzer offers the following pricing plans:

    Starting from: US$595,00

    Pricing model: Subscription

    Free Trial: Available

    14-day trial available. Standard = $595 per month, per app ($795 per month if paid annually) Preimium = $1195 per month, per app ($1595 per month if paid annually) Premium+ = $1495 per month, per app ($1949 per month if paid annually) Enterprise = Quote available on request

    Q. What are the main features of Cryptosense Analyzer?

    Cryptosense Analyzer offers the following features:

    • Active Directory integration
    • Application security
    • Asset discovery
    • Auditing
    • Compliance documentation
    • Compliance management
    • Compliance reporting
    • Crypto cartography
    • Custom URL
    • Custom rules
    • Customizable branding
    • Debugging
    • Email attachment protection
    • Event relationship diagrams
    • IP protection
    • Internet usage monitoring
    • Intrusion detection system
    • LDAP integration
    • Multiple user accounts
    • PCI assessment
    • Password management
    • Prioritization
    • Project management
    • REST API
    • Reporting & statistics
    • Risk management
    • Security auditing
    • Software testing
    • Summary reports
    • User management
    • Vulnerability assessment
    • White labelling

    Q. Who are the typical users of Cryptosense Analyzer?

    Cryptosense Analyzer has the following typical customers:

    Large Enterprises, Mid Size Business

    Q. What languages does Cryptosense Analyzer support?

    Cryptosense Analyzer supports the following languages:

    English

    Q. What type of pricing plans does Cryptosense Analyzer offer?

    Cryptosense Analyzer has the following pricing plans:

    Subscription

    Q. Does Cryptosense Analyzer support mobile devices?

    We do not have any information about what devices Cryptosense Analyzer supports

    Q. What other apps does Cryptosense Analyzer integrate with?

    We do not have any information about what integrations Cryptosense Analyzer has

    Q. What level of support does Cryptosense Analyzer offer?

    Cryptosense Analyzer offers the following support options:

    Phone Support, Online Support, Knowledge Base