Tonight we submitted the Wyvern code to a well known and reputable software auditor and, at their recommendation, Wyvern was taken offline while the audit was performed and various exploits and bugs were patched. The audit, patching, and testing lasted about 5 hours with Wyvern then receiving a thumbs up from the auditor with only a few recommendations remaining (none of which posed any security risk).

Wyvern is back online and better than ever!

With a total of 13 issues reported, all 13 were patched, tested, and reviewed again. In addition to those 13 issues, there were 4 recommendations made and 2 of them have already been corrected and the other 2 are being worked on in development. While we would have loved it if the audit turned up no issues, in the real world this is why software audits are done because it's really hard for you to catch your own mistakes when your mistake doesn't look like a mistake to you (or else you wouldn't have made it). We are very thankful that these issues were found during an audit rather than a malicious user and will continue to utilize such audits for future updates and releases.

A big thank you to Vlad C. for taking the time to go through over 28,000 lines of code to make Wyvern safer for everybody.

-The Secure Dragon Staff

Saturday, January 3, 2015





« Back