Blog

Forgotten Essence Of The Backend Penetration Testing

Forgotten Essence Of The Backend Penetration Testing

At Riscure we have observed many severe security issues exploited by hackers even in previously certified solutions. In recent years, certification, which aims to minimize security risks, has ...
Whip the Whisperer: Blackhat 2022

Whip the Whisperer: Blackhat 2022

Cryptographic side channels are well-known and understood in the industry. There are also many countermeasures against side channels to reduce the leakage risk. However, many implementations in ...
Five things you should know to avoid the most common security errors

Five things you should know to avoid the most common security errors

For more than 20 years Riscure has been helping chip and device vendors to improve the security of their products. We have observed the ever-changing security landscape, adjusted to the evolving ...
3 Reasons Why Your Payment App Needs To Get EMVCo Certified

3 Reasons Why Your Payment App Needs To Get EMVCo Certified

Riscure worked together with Promon to define why mobile app providers should consider getting EMVCo Software-Based Mobile Payment (SBMP) certification.
Security certification considerations when choosing a secure product

Security certification considerations when choosing a secure product

Understanding Common Criteria and Evaluation Assurance Levels, and putting these into context when choosing secure products and services.
The Price We Pay for Fault Injection

The Price We Pay for Fault Injection

This new paper describes the background and risks of Fault Injection.
The Price We Pay for Faults: Video Webinar

The Price We Pay for Faults: Video Webinar

Tune into our recent webinar presented by Riscure's CEO Marc Witteman, as he breaks down the dollars and cents of Fault Injection.
State of Security for Smart Home Devices

State of Security for Smart Home Devices

Recently, Riscure analyzed the security of commonly used smart home devices such as WiFi routers, gateways, door locks, and cameras.
Fault Mitigation Patterns

Fault Mitigation Patterns

To make it easier for developers to protect their security-critical devices, Riscure created this paper discussing patterns that can cost-effectively mitigate the code.
Security Highlight: Exploiting persistent faults in crypto

Security Highlight: Exploiting persistent faults in crypto

At the most recent CHES workshop, Hossein Hadipour of the Graz University of Technology presented an important step forward in exploiting persistent faults in crypto.
My journey at Riscure: Anjana Miyar

My journey at Riscure: Anjana Miyar

Anjana Miyar is a Senior Security Analyst at Riscure North America. Anjana’s specialty lies in software security testing. Unlike many others, Anjana did not have prior security experience before ...
Security Highlight: Compromising printers via malicious third-party cartridges

Security Highlight: Compromising printers via malicious third-party cartridges

This fall, HP Inc. published an article describing a buffer overflow vulnerability in their printer software which would allow an attacker to obtain persistent remote code execution on the ...
Tunable Replica Circuit

Tunable Replica Circuit

At the Black Hat 2022, Daniel Nemiroff presented a talk on Tunable Replica Circuits. Riscure CTO of North America, Jasper van Woudenberg had an opportunity to listen to this presentation. Here ...
My journey at Riscure: Caroline Favrot Lee

My journey at Riscure: Caroline Favrot Lee

Caroline Favrot Lee is the Operations Director for Riscure North America. Caroline originally joined Riscure in 2012 as an accountant and office manager for the Riscure North American office, ...
Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

The story of Riscure, like with many other technology businesses, started in the garage. Dissatisfied with the quality of then available hardware testing tooling, Marc Witteman founded Riscure ...
My Journey at Riscure: Pascal van Gimst

My Journey at Riscure: Pascal van Gimst

  How did you join Riscure? I was working in a research institute called TNO, where I was doing chip security testing in a group of 10 people. One of those people was Marc ...
Security Highlight: Glitched on Earth by Humans

Security Highlight: Glitched on Earth by Humans

  The Black Hat conference always brings up interesting and current research within the device security industry. Jasper van Woudenberg attended the latest conference, ...
Getting to know Electro-Magnetic Fault Injection

Getting to know Electro-Magnetic Fault Injection

The Electro-Magnetic Fault Injection (EM-FI) method involves creating an electromagnetic field over the chip that could cause a change in the chip’s behavior. We can use it to try to bypass a ...