HIDEEZ is a Ukrainian small and medium-sized enterprise (SME) that develops innovative digital identity solutions. Its product lineup includes wearable devices and software components for authentication, tailored for a B2B audience.
Operating in a high-risk cybersecurity domain and handling both personal and corporate data, HIDEEZ considers security a critical factor in maintaining customer trust.
Datami conducted a targeted security assessment of HIDEEZ’s encryption and authentication modules, analyzing source code and authorization logic.
The primary method was a white-box pentest, in which the team had access to source code to review critical components in depth.
We combined static code analysis using tools, manual functionality auditing, attack simulation, and thorough encryption verification.
Despite limited access to only parts of the codebase, the team successfully identified significant vulnerabilities and proposed effective improvements.
During the project, Datami analyzed the provided fragments of HIDEEZ’s source code, focusing on encryption and authentication. Reviewing the authorization logic and cryptographic implementation helped identify critical risk areas.
Due to limited access, the team created a simulated environment and adapted the testing process without requiring full product deployment.
Every
Before the project began, the security level of the HIDEEZ product was assessed as high risk due to insufficient review of custom encryption and authentication implementations.
During the white-box pentest, the Datami team identified 6 vulnerabilities: 1 critical (in data encryption), 2 medium (in authentication logic), and 3 low (e.g., hardcoded values in the code).
HIDEEZ received clear recommendations to enhance security:
After implementing the recommendations, the risk level was reduced from high to low. The successful security optimization helped avoid potential data leaks and reputational damage.
The project was completed in 3 weeks instead of the typical 4–5. The critical vulnerability was resolved by the client in under 48 hours.
Thanks to Datami, HIDEEZ received a targeted security testing of its cryptographic mechanisms and authentication systems in just 3 weeks.
During the project, the submitted code was reviewed prior to release, and 6 vulnerabilities were identified. The implemented recommendations reduced the risk level from high to low. All tasks were completed on time.
The case study demonstrates that even cybersecurity companies need independent audits.
This incident occurred back in 2017, but cybersecurity experts are still studying it in detail. This case features a series of classic security failures – serving as a clear example of what not to do.
Today, all it takes to take over a car is a computer. That’s exactly what hackers demonstrated at a special competition - they hacked a Tesla in just 120 seconds, and the result became a true sensation.
Today, nearly every business is closely connected to the internet: websites, mobile apps, cloud data storage, electronic payments, and more. This brings great convenience, but at the same time, it introduces additional risks and potential financial losses