Case Study: Wickr achieves verifiable security and transparency with Bishop Fox

How Bishop Fox Enables Wickr's Security Assurance

Wickr, a secure communications provider offering device-to-device encryption, ephemeral messaging, and secure screen sharing, needed independent validation of its security to fulfill its Customer Security Promises and demonstrate it does not have access to customer communications. To provide that transparency, Wickr engaged Bishop Fox for quarterly assessments, a crypto architecture review, penetration testing, source code reviews for all application changes, and continued engagement.

Bishop Fox performed a comprehensive assessment of Wickr’s mobile and desktop clients, back-end infrastructure, APIs, and cryptography, delivering a public-facing report with tactical and strategic remediation recommendations. The engagement identified code changes to reduce future exposure, validated Wickr’s security assertions, enabled a formal testing plan to prevent further issues, and established ongoing Bishop Fox collaboration to maintain and harden Wickr’s security posture.

Wickr

Christopher Howell

Chief Technology Officer