ICO security | Positive.com
ico security

ICO security flaws make you a cybercrime target

Vulnerabilities in smart contracts, wallets, and web applications have been used to drain at least $150 million in ICO funds in just over a year. This means cybercriminals have stolen nearly 9.5% of the value of all Ethereum ICOs.

Don't be an easy target. Find out how we help make your ICO secure
Success!
Our team will contact you shortly.
An initial coin offering creates the ideal conditions for a cyberattack. The size of these recent ICO attacks is the proof:
DAO
Lost: $75 million Vulnerability:
Reentrancy flaw in smart contract code
Parity
Lost: $32 million Vulnerability:
Incorrect function scope in smart contract code
CoinDash
Lost: $8 million Vulnerability:
website vulnerabilities

Our offering

Our two-phase approach to securing your ICO is founded in deep insight of the threat landscape and innovative technology development. We allow you to ironclad your infrastructure and code in advance of the event, and protect you in real time whilst you are raising funds. This shuts down attackers before they can get a foothold.

1 In advance
Smart contract security:

Our specialists uncover vulnerabilities and logic flaws in your smart contract and help you to fix them, before testing the fixed code in a private block chain.

Web application security:

We find website application vulnerabilities and provide expert guidance to host companies on protecting themselves and their investors from these threats.

Protection of mobile apps:

This audit highlights vulnerabilities which may lead to theft of funds from investor wallets, or direct from the ICO account.

Server and infrastructure security:

Hunting for and remediating vulnerabilities in servers, OS and network infrastructure that can give attackers free reign.

Employee training:

We help employees understand, detect, and avoid social engineering attacks that start a chain reaction for malicious incursion.

2 Once live
Deployment solution:

We deploy a set of cloud-based enterprise grade countermeasures, such as a web application firewall and SIEM, to lock down your infrastructure and provide visibility of attacks.

24-hour "eyes-on" monitoring:

Our Security Operations Center monitors and responds to any and all attacks throughout your ICO.

Initial Coin Offering security

A focused and experienced team

Our team of cybersecurity experts has over a decade of experience safeguarding companies technically, deploying technology, and building strategic partnerships.

Leigh-Anne Galloway
Alex Mathews
Cybersecurity resilience experts

Headed up from our London office by Leigh-Anne Galloway and Alex Mathews. Leigh-Anne has helped numerous large companies secure their infrastructure against attack, as well as investigating breaches. She is a regular speaker at events and quoted in the media. Alex has many years' experience working on large-scale security deployments and penetration tests for some of the world's biggest companies.

Monty Hossain
Strategic partnerships

Based in California, Monty Hossain has amassed considerable expertise in the field of cybersecurity over several years forming strategic alliance programs for companies such as salesforce.com, Mulesoft, and Adobe.

Arseny Reutov
Timur Yunusov
Evangelos Deirmentzoglou
Application and blockchain security

Arseny Reutov, Timur Yunusov, and Evangelos Deirmentzoglou lead our application security expertise. Arseny is an application security expert with a specialism in source code analysis and has authored numerous research papers, as well being an OWASP speaker. Timur is also a well-known industry expert, speaking at everything from Black Hat to CanSecWest. His application security research has a focus on financial services. Evangelos is researching a cybersecurity PhD and focuses on source code analysis, which he has applied for a number of major U.S. technology vendors, Fortune 500 companies, banks and medical institutions.

Our partners

BitFin Capital is a Cayman Islands domiciled hedge fund focused on the intersection of the emerging blockchain ecosystem and traditional economy.

Velton Zegelman represents clients in a range of matters, including labor and employment litigation, corporate transactions, regulatory compliance, intellectual property licensing, venture financing and fund formation, negotiations, and mergers and acquisitions.
Velton Zegelman takes care of the legal part of our projects.