Chip & System Security Testing 
Reconciling how and how in a single and collaborative platform empowering experts.
SOLUTIONS

  • > Side Channel Analysis

    Ready-to-use side channel tools to assess cryptography algorithms.

  • > Fault Injection: Laser, EM & Glitching

    Make sure your chip withstands different techniques of physical fault injections.

  • > Firmware Security Analysis

    Qualify embedded code binaries without physical devices and benches.

  • > Security Failure Analysis

    Photoemission analysis to explore internal information in a chip.

  • > Vulnerability Research

    Dynamic analyses at a system level for investigating potential vulnerabilities.

TECHNOLOGIES

  • > Data Science Platform

    esDynamic is a complete data focused platform to leverage the know-how of your team for complex analyses.

  • > esFirmware Engine

    Assess the security of the firmware of IoT devices against logical and physical attacks.

  • > esReven Engine

    Record and replay vulnerability researches within reverse engineering processes and tools.

PROFESSIONAL SERVICES

  • > Cybersecurity Training

    Grow your expertise with training modules driven by a coach.

  • > Hardware Evaluation Lab

    High-end laboratory capabilities specialized in hardware security evaluations.

Mobile & Backend Security Testing 
Onboard your Mobile Engineering Team into your security challenges with hands-on training, security verifications, and more.
EXPERTISE

  • > Mobile App Security

    Know the threats and risks of your Mobile App.

  • > DevSecOps

    Integrate the security protections verification in your CI/CD pipeline.

SOLUTIONS

  • > Mobile App Security Testing (MAST)

    esChecker SaaS: automating the security testing of your mobile app binary.

PROFESSIONAL SERVICES

  • > Mobile App Penetration Testing

    Testing the resiliency of your Mobile App, SDK or RASP tool.

  • > Backend Penetration Testing

    Testing the resiliency of your Web App, API or Backend Systems.

  • > Coaching for Mobile App Developers

    Providing insights into the mobile app threats and how attackers work by a learning-by-doing approach.

Our Company 
Passionate about security and wanting to work in an exciting and innovative environment? Full time and internship opportunities starting 2023.
OUR COMPANY

  • > Events

CAREERS

  • > Meet our experts

  • > Open positions

    Join our team!

FOLLOW US
Blog
Contact us
eShard
/
esreven

esReven, Reverse Engineering by eShard

Our engine allows Timeless dynamic analysis for Vulnerability and Malware Analysis to empower your experts for getting ahead of security analyses.
Trial esReven
Download our brochure

Getting into the unknown with effectiveness

When facing a new target for vulnerability research or an unknown markware, reverse engineering capabilities are central for these analyses. Analysts must combine years of expertise with the best reverse engineering tools to solve the puzzle they face.

Different sets of tools exist, each focusing on different aspects of the problem. All tools and techniques must be combined together since any piece of information counts. However, while static tools turn out to be quite numerous and mature, the scope of dynamic tools may appear more limited and is often limited to debuggers. In addition, those tools don’t provide any solution to capture the path followed by the expert, to empower new hires with the team’s accumulated expertise and to reduce the complexity required to solve the deepest problems.

esReven engine

eShard has built a solution, esReven, combining a unique technology with a knowledge center. It empowers organizations and their analysts to develop and aggregate more expertise while pushing the boundaries of reverse engineering.

With our unique technology for dynamic analyses, named Full System Timeless Analysis, get visibility of a full system execution (CPU, Memory, Hardware Events, network activities, …) during a slice of time combined with the most advanced techniques to analyze any event occurring in that period.

Full System Timeless Analysis

Simultaneously examine and monitor all your systems, applications, and processes: Getting beyond the usual application level enables analyzing Windows and Linux kernel vulnerabilities, getting into applications that span multiple processes and use interprocess communications. The full system is a requirement when applying advanced algorithms like data tainting.

The Timeless Analysis provides a full system analysis environment with the ability to move at any point of time of its execution, backward or forward, in a click. Identify points of interest, follow the trail crossing processes or kernel boundaries, apply advanced techniques and algorithms. Combined with the full system visibility, getting to root causes becomes possible even for the most complex problems.

How does the timeless analysis work?

With esReven, record the runtime execution you are interested in. It captures the full system and get all corresponding internal data at any point of time. This can be achieved via a dedicated GUI, but also via API that you can call from a Jupyter Lab notebook. Why? Simply because you may be willing to seal your analysis in time and make sure that you or another person can understand the logic of your analysis and replay it.

The esReven record is central to the knowledge building process because it creates a permanent repository of use cases to maintain and spread expertise among team members. On the contrary, other tools, such as debuggers, do not have a lasting effect on the organization.

Key uses-cases:

  • Vulnerability research, including patch analysis, automated fuzzing results triage
  • Advanced system or application analysis
  • Bespoke Malware analysis

Knowledge Center: Reconciling know and how in Reverse engineering

How to go beyond a tool? Vulnerability or malware analysis is a matter of expertise. Expertise is more than tool capabilities. It is also about reconciling knowledge and tools. Our philosophy is to empower an expert team with a know-how platform.

By leveraging Jupyterlab notebooks, it is possible to build internal knowledge by calling the tool via API or built-in widgets. It becomes possible to retain or share your expertise. Ramp-up new experts and de-risk people movement. Collaboration becomes effective

eShard developed high value notebook libraries benefiting from years of R&D in dynamic analyses and good practices. This is a source of technical material, ready to use and easily applicable to your specific use case.

Key features

Full system analysis

esReven captures a time slice of a full system execution to provide the total visibility of the system under analysis.

Timeless Analysis

Move forwards and backwards through the recorded process.

Data tainting

Follow the data and highlight connections that are otherwise very hard to discover with other reverse engineering tools.

API

The analysis features are available through APIs and are combined to build powerful analysis techniques.

CopyRights eShard 2023.
All rights reserved
Privacy policy | Legal Notice
SECURITY TESTING SOLUTIONS
Side Channel AnalysisLaser & EM Fault InjectionFirmware Security AnalysisSecurity Failure AnalysisVulnerability ResearchMAST: Mobile Application Security Testing
TECHNOLOGIES
Data Science PlatformesFirmware EngineesReven Engine
PROFESSIONAL SERVICES
Cybersecurity TrainingHardware Evaluation LabPenetration Testing for Backend and WebAppPenetration Testing for Mobile Applications
COMPANY
About usJoin our team!EventsBlog