Bluetooth Low Energy Security Audit

We make the industry more… Challenging!

BLE Device Security Assessment

Our commitment to excellence in BLE security testing is unparalleled. We have a comprehensive understanding of the BLE protocol and its potential associated security risks. We have successfully assessed a wide range of BLE products, from wearable technology and home automation devices to industrial sensors and healthcare equipment, ensuring they are secure and compliant with industry best practices.

Your Device, Our Commitment to Unbreakable Security

Device & Mobile App
Security Audit Activities

During the BLE Security Test the following activities are followed:

  1. Mobile application mapping. Understand of the application's logic and functionality

  2. Device services and profiles identification

  3. Mobile static analysis along with instrumentation for the identification of the BLE handler

  4. Mobile application dynamic analysis with protocol interception and traffic analysis

  5. Permissions and Access control testing

  6. Authentication and Authorization testing

  7. Data Confidentiality and Integrity

  8. DoS and crash analysis

  9. Mobile API and BLE access controls

We offer expert mobile application security testing across various platforms, covering all potential threat vectors from insecure data storage to backend API vulnerabilities.

In our BLE testing, we scrutinize the logic of custom BLE protocols to detect vulnerabilities, denial-of-service issues, and any missing authentication or access control measures.

Firmware Development?
We've Been There, Too

Our team has successfully built systems for different customers that have been working well ever since


We began as firmware developers and security researchers and later expanded into reverse engineering and working with Bluetooth Low Energy Security and other technologies


After much research and experience, we now offer training in Bluetooth Low Energy Security to security experts and provide a certification

We create our own security testing tools

Manual
and
Automated Testing

We developed powerful tools to help us build many automated software to both understand and discover BLE vulnerabilities.

By using our own tools we have no boundaries and through our implementations we create new paths for uncovering known or unknown BLE vulnerabilities

We proudly developed an advanced BLE Fuzzer that helps to discover new vulnerabilities. The Fuzzer is based both on our BLE:Bit tool but also on a customized Zephyr implementation.

Our in-house fuzzing suite splits into three sections: Beacon Fuzzing, Application Fuzzing and GATT-Layer Fuzzing

What makes us unique

What truly sets Cybervelia apart is our ability to provide a complete and precise security overview. We not only identify vulnerabilities but also provide context on the real-world impact and potential business risks, enabling our clients to prioritize their remediation efforts effectively. Our detailed and insightful reports are lauded by both technical teams and executive leadership for their clarity and actionable guidance.

Products & Services

Contact

Limassol, 4620, Cyprus
E: info -at- cybervelia -dot- com

T: 25-312159

Partners

Careers

Cybervelia Limited is incorporated in the Republic of Cyprus with Company Registration No. HE 440234

"Cybervelia" is a registered tradename of Cybervelia Limited.

© 2022 Cybervelia Limited. All rights reserved