Cryptosense Analyzer Pricing, Features, Reviews & Comparison of Alternatives

Cryptosense Analyzer

Automated cryptographic security auditing for applications

5.0/5 (1 review)

Cryptosense Analyzer overview

What is Cryptosense Analyzer?

Cryptosense Analyzer is a cryptography audit software solution for analyzing the cryptography use within business applications and identifying any security flaws. Available as a SaaS or on-premise product with annual license subscriptions per application, Cryptosense Analyzer is compatible with Java, OpenSSL and PKCS#11 with .NET API support also coming soon. With modern business apps increasingly using cryptography and cryptographic operations more broadly for password storage and database field encryption etc, the complexity of these developments leaves them vulnerable to cryptography security flaws. Cryptosense Analyzer essentially finds these flaws within apps and infrastructures, before guiding on how they can be fixed, optimizing bug fixing resources and also demonstrating a level of security compliance to all stakeholders.

Cryptosense Analyzer operates around a "crypto cartography" approach to tracing all crypto library calls made by an application, whether from framework components and/or libraries. The software then produces a summary report on all traced operations to highlight weak algorithms, vulnerable passwords, insufficient key lengths and much more. These reports or Cryptosense Maps are beneficial to proving compliance with standards such as FIPS and PCI-DSS, while aiding the planning of any crypto-related changes. Other notable features include over 45 configurable cryptographic rules, pre-configured profiles for testing against NIST / ENISA standards policies, multiple user profile creation, LDAP integration and also the provision of expert technical support for interpreting the software's findings.
cryptosense.com

Pricing

Starting from
$595
Pricing options
Subscription
Free trial
Value for money
View Pricing Plans

Devices

Business size

S
M
L

Markets

United States, Canada, Australia, China, India and 4 other markets, Japan, Germany, Brazil, Mexico

Supported languages

English
Cryptosense Analyzer screenshot: Project traces can be uploaded to Cryptosense, NIST or ECRYPT profiles for the purpose of generating reportsCryptosense PKCS#11 Security SuiteCryptosense Analyzer screenshot: A typical failed summary, detailing an example of 9 rule exceptions identified, flagged and described for further addressCryptosense Analyzer screenshot: A developer view onto found flaws locates where and when calls are made within the application code, suggesting general remediations for fixingCryptosense Analyzer screenshot: Key lengths dialog with slider controls for setting high, medium and low criticality thresholds for symmetric and RSA keysCryptosense Analyzer screenshot: Available as a SaaS or on-premise installation, Cryptosense Analyzer automates cryptographic auditing for finding security flaws in Java, OpenSSL and PKCS#11 applicationsCryptosense Analyzer - Automated Crypto Audit

Cryptosense Analyzer user reviews

Excellent
1

Very good
0
Average
0
Poor
0
Terrible
0
Value for money
Features
Ease of use
Customer support
  4.0
  4.0
  4.0
  5.0
Krzysztof Fabjanski

Cryptosense scanning

Used occasionally for free trial
Reviewed 2018-08-08
Review Source: Capterra

We have used the Cryptosense analyzer to assess the strength of our cryptography which we use in the product

Pros
- Very accurate findings - The recommendations are straightforward and cannot be misinterpreted. In some cases they are very useful to evaluate the real impact on the software - This type of scanning allows to catch all types of cryptography calls in JVM, not only the one that originate directly from the application, but also that are triggered indirectly by a middleware - Low ration of false positives

Cons
- The size of the traces for products that do a lot of cryptography calls can be problematic, it can be too big for producing the report (this was however quickly resolved by excellent support) - There was no direct support for Cloud vendors solutions around key management (e.g. AWS KMS), however some of the Cloud services uses standard Java Cryptography API and hence we would able to identified some findings and the Cryptosense team is working to add this type of support

Rating breakdown

Value for money
Ease of use
Features
Customer support

Likelihood to recommend: 8/10

Minimize review

Cryptosense Analyzer pricing

Starting from
$595
Pricing options
Subscription
Free trial
View Pricing Plans

14-day trial available.

Standard = $595 per month, per app ($795 per month if paid annually)
Preimium = $1195 per month, per app ($1595 per month if paid annually)
Premium+ = $1495 per month, per app ($1949 per month if paid annually)
Enterprise = Quote available on request

Cryptosense Analyzer features

API
Auditing
Compliance Management
Password Management
Reporting & Statistics
Security Auditing

Access Control (127 other apps)
Activity Dashboard (114 other apps)
Activity Tracking (63 other apps)
Alerts / Escalation (71 other apps)
Authentication (78 other apps)
Monitoring (140 other apps)
Policy Management (82 other apps)
Real Time Monitoring (83 other apps)
Risk Alerts (67 other apps)
Secure Data Storage (78 other apps)
Single Sign On (63 other apps)
Third Party Integration (93 other apps)
Two-Factor Authentication (65 other apps)
Vulnerability Scanning (63 other apps)

Videos and tutorials

Additional information for Cryptosense Analyzer

Key features of Cryptosense Analyzer

  • Event relationship diagrams
  • Intrusion detection system
  • Internet usage monitoring
  • Prioritization
  • Vulnerability assessment
  • Risk management
  • Asset discovery
  • PCI assessment
  • Compliance reporting
  • IP protection
  • Email attachment protection
  • Custom rules
  • LDAP integration
  • Crypto cartography
  • White labelling
  • Active Directory integration
  • Auditing
  • Compliance management
  • Customizable branding
  • Debugging
  • Multiple user accounts
  • Software testing
  • Summary reports
  • Application security
  • REST API
  • Security auditing
  • Compliance documentation
  • Custom URL
  • Reporting & statistics
  • Password management
  • Project management
  • User management
View All Features

Benefits

Cryptosense Analyzer is SaaS-based or on-premise auditing software for analyzing the use of cryptography within applications, identifying flaws and suggesting how they can be fixed to improve security.

The software supports API's including Java (JCE/JCA/Bouncycastle), OpenSSL (libssl, libcrypto), PKCS#11, with .NET support also in development, to follow.

Typical types of flaws findable by Cryptosense include weak cryptographic keys, algorithms, passwords and password-based key derivation, the incorrect choice of parameters, use of randomness etc and more.

Support provision includes access to the Cryptosense Knowledge Base with documentation for interpreting the software's analysis, helping those not versed in cryptography to understand the results.

Cryptosense boasts a false positive rate of less than 1 per 1000 in the pinpointing of genuine vulnerabilities, with Enterprise package holders permitted to add custom cryptography rules into the software for bespoke detection.