The GlobaLeaks Project is periodically subject to independent security audit and penetration tests in order to verify and improve the security of the system.
Thanks to our funders and users GlobaLeaks received already 6 independent penetration tests here available. Many others, during the years, have been performed by some private adopters.
These are the detailed reports of penetration tests we’ve received, along with the transparent feedback and fixing done in response:
|2013 Q1||iSecPartners||Architecture Audit||Report|
|2013 Q2||Cure53||Web Security Audit||Report|
|2013 Q4||VeraCode||Overall Audit||Report|
|2014||LeastAuthority||Source Code Audit||Report|
|2019||RadicallyOpenSecurity||Crypto Audit, Multi-tenancy Audit, Overall Audit||Report|
If you want to carry out or sponsor an Independent Security Audit, please email projects at firstname.lastname@example.org