Our crypto library is open source for review and audit purposes (https://github.com/WickrInc/wickr-crypto-c). Our client and server code is not.
Our open source strategy makes sense for our business today. We understand that some users have strong opinions on the subject. With them we agree that transparency is an important element of software security. We’ll also say that open source isn’t the only answer.
We invest heavily - and we mean heavily - in third-party security testing. Our products have been vetted by world-class independent experts since 2014. We engage world leading security consulting firms on a near continuous basis to perform code audits, penetration tests, and architecture reviews, and we’ve provided public transparency into the methodology and results of this testing in our Customer Security Promise program (https://wickr.com/security/).
We believe our approach has put as much meaningful, independent scrutiny on our code and product as has been put on any open source project. Look for our Customer Security Promises and open source strategy to evolve over time as we strive to do more and share more related to the security of our products.
Comments
0 comments
Article is closed for comments.