HIDEEZ is a Ukrainian small and medium-sized enterprise (SME) that develops innovative digital identity solutions. Its product lineup includes wearable devices and software components for authentication, tailored for a B2B audience.
Operating in a high-risk cybersecurity domain and handling both personal and corporate data, HIDEEZ considers security a critical factor in maintaining customer trust.
Datami conducted a targeted security assessment of HIDEEZ’s encryption and authentication modules, analyzing source code and authorization logic.
The primary method was a white-box pentest, in which the team had access to source code to review critical components in depth.
We combined static code analysis using tools, manual functionality auditing, attack simulation, and thorough encryption verification.
Despite limited access to only parts of the codebase, the team successfully identified significant vulnerabilities and proposed effective improvements.
During the project, Datami analyzed the provided fragments of HIDEEZ’s source code, focusing on encryption and authentication. Reviewing the authorization logic and cryptographic implementation helped identify critical risk areas.
Due to limited access, the team created a simulated environment and adapted the testing process without requiring full product deployment.
Every
Before the project began, the security level of the HIDEEZ product was assessed as high risk due to insufficient review of custom encryption and authentication implementations.
During the white-box pentest, the Datami team identified 6 vulnerabilities: 1 critical (in data encryption), 2 medium (in authentication logic), and 3 low (e.g., hardcoded values in the code).
HIDEEZ received clear recommendations to enhance security:
After implementing the recommendations, the risk level was reduced from high to low. The successful security optimization helped avoid potential data leaks and reputational damage.
The project was completed in 3 weeks instead of the typical 4–5. The critical vulnerability was resolved by the client in under 48 hours.
Thanks to Datami, HIDEEZ received a targeted security testing of its cryptographic mechanisms and authentication systems in just 3 weeks.
During the project, the submitted code was reviewed prior to release, and 6 vulnerabilities were identified. The implemented recommendations reduced the risk level from high to low. All tasks were completed on time.
The case study demonstrates that even cybersecurity companies need independent audits.
Web applications are targeted by attacks every day - from simple scanners to deliberate breaches. To understand how vulnerable a web application is and how to protect it from hackers’ actions, a special assessment is conducted - penetration testing (pente
Microsoft announced a new update to Defender for Office 365 that automatically detects and blocks email bombing attacks. The rollout started in June, and most users will receive the feature by mid-July 2025.
Cloudflare reported that it stopped the most powerful UDP flood DDoS attack aimed at exhausting system resources. In 35 seconds, the attackers flooded the company with traffic at 11.5 Tbit/s.