Multiple steps are involved to ensure a successful collaboration on a planned security consulting engagement. Whether it requires a security audit, limited security evaluation, or security by design consultation, the process begins by scheduling a call to clarify the in-scope components, areas of concern that are to be prioritized during
In our previous blog post, Security Audit Reports: A Guide for Everyone, we provided a comprehensive guide on how to read a security audit report. We discussed the various sections of an audit report, what to look for, and how to interpret the findings to gain insights into the security
In 2014, we published our first security audit report. Since then, we have completed more than 200 audits and published more than half of those. The primary audience of an audit report is the client’s project development team. However, stakeholders and other interested parties can also find value in reading
In Part 1 of this blog, we delved into the constantly changing world of Web3, unveiling the opportunities it presents. In Part 2, we’re continuing this exploration with a focus on the types of projects receiving support, with a particular emphasis on improving security — a critical yet often overlooked
This past year, we’ve started investigating new approaches to our security audit reports and recently we’re experimenting with structuring the data to be more usable by additional audiences and systems, along with publishing our reports in new ways to make them more accessible. Reports as Bitcoin Digital Artifacts We have
In recent years the Web3 space, known for its innovation and community driven approaches, has witnessed a significant shift in its approach to funding and supporting projects. We have identified more than 150 funding opportunities since we began researching them in October 2023, and new grant programs are continuously emerging.
Adequate preparation for a security audit is beneficial in a number of ways, both for the purposes of a security audit and in reinforcing development best practices that provide long-term benefits to projects and teams. Effective preparation enables security research teams to focus their efforts and time on reviewing the
Least Authority is excited to present a short comic which explains our Tahoe-LAFS based Simple Secure Storage Service (S4) with a simple narrative illustration. It demonstrates how our products/services provide a more secure alternative to popular online services. To learn more, read on. Special thanks to Sam Hester from The 23rd Story for her brilliant illustrations.