Add cure53 audit report

2024-06-16 08:34:53 +02:00 · 2021-12-20 14:36:49 +01:00 · 2021-12-20 14:36:49 +01:00 · 3c802183f0
parent a006cb5ec5
commit 3c802183f0
2 changed files with 8 additions and 0 deletions
--- a/assets/Audit-PGPainless.pdf
+++ b/assets/Audit-PGPainless.pdf
--- a/index.md
+++ b/index.md
@ -80,6 +80,14 @@ This allows PGPainless to be used as a command line application for encryption/d
 More importantly though, this allows to plug PGPainless into the [Sequoia OpenPGP Interoperability Test Suite](https://tests.sequoia-pgp.org/).
 This extensive test suite demonstrates how closely PGPainless is following the standard, especially when it comes to signature verification.

+## Security Audits
+
+In late 2021, PGPainless was subject to an extensive security audit by the the pentesting
+team of [Cure53](https://cure53.de). The audit was generously sponsored and arranged by [FlowCrypt.com](https://flowcrypt.com)!
+
+Results of the audit [are publicly available here](assets/Audit-PGPainless.pdf).
+Wherever possible, findings of the audit have been fixed in a timely manner.
+
 ## Forever Free Software

 PGPainless is licensed under the Apache License 2.0 and this will never change.