wolfSSL has a wealth of experience in IoT and network appliance security which can be shared through professional consulting services. Customers are oftentimes focused on a specific project within their domain, but might be lacking the necessary security expertise needed to meet a deadline. In addition to security expertise, validation by wolfSSL experts that a project has implemented security correctly can be valuable. wolfSSL consulting services are efficient and cost effective and allow customers to focus on what they do best.
Our standard consulting offerings are outlined below and are available on or off site. Custom packages are also available.
For more information, or to discuss consulting in more detail with a wolfSSL representative, please Contact Us.
Customers in need of quick and effective initial startup with crypto or SSL/TLS will enjoy our Kickstart program. Our Kickstart program will build and test wolfSSL or wolfCrypt in your environment, with your compiler, TCP/IP stack, and operating system variant. The Kickstart program accelerates your project and reduces your project risk. The program includes:
- Porting wolfSSL and/or wolfCrypt to the target platform
- Verifying that wolfSSL/wolfCrypt builds properly on the device
- Validating wolfCrypt crypto modules on your platform with our advanced crypto test suites
- Providing working examples on your device
- As time permits when the above items are complete, we help with application integration, performance optimization, and custom build options
Our Kickstart program is generally one week, but can be expanded as needed.
Feature Additions or NRE
We can incorporate additional features that may be necessary for your development but are not currently offered in wolfSSL Inc. products. These features may include new RFC support, new algorithms, application integration, TLS extensions, hardware cryptography integration, or any number of unique options.
wolfSSL Training Course
The wolfSSL training course covers details of SSL/TLS as well as the wolfSSL embedded SSL/TLS library. Participants will have the opportunity to learn the inner workings of the SSL/TLS protocols as well as further their knowledge of the wolfSSL library. Topics covered include library design, building and getting started with wolfSSL, features, portability/customizability, certificates and keys, debugging and troubleshooting SSL, wolfSSL best practices, and details about the wolfCrypt cryptography library. Time is set aside for hands on discussion and implementation help.
Our training courses are typically two days. Contact us to see our Training Course outline.
As one of the main goals for wolfSSL is ease of use, consulting is provided for developers and engineers wanting to port the wolfSSL lightweight SSL library to new embedded/IoT platforms, operating systems, or transport mediums (TCP/IP, bluetooth, etc.). Consulting for porting wolfSSL will cover modifying the wolfSSL codebase to run on platforms that are not supported by default. Verification of all cryptographic algorithms is included.
Typically one week to two weeks, depending on environment.
Size and memory constraints are a big part of embedded and IoT systems. Optimization consulting is provided to aid developers and engineers with tuning and optimizing the performance and memory usage of the wolfSSL lightweight SSL library.
Our optimization efforts usually range from two to five days.
FIPS / START
Every successful FIPS 140-2 project begins with a sound strategy. wolfSSL has the FIPS expertise you need to satisfy customer requirements for your FIPS 140-2 validated products. Our FIPS/START service is customized to your needs to design an efficient FIPS 140-2 validation process.
- FIPS strategy defined
- Gap analysis report of action items for a successful FIPS validation
- Generation of required FIPS documentation (Security Policy, Finite State Model, Key Management Information, Configuration Management Information, Installation Instructions)
- Draft schedule
Security Architecture Design
We can review your security policy and/or architecture and make suggestions based on our experience in embedded and device security. This can include:
- Defining the proper key strength for your application and threats
- Algorithm choice: Optimizing cipher suites for maximum security and performance. Is bit strength consistent and adequate?
- Protocol use: Is a well reviewed protocol in use or it is custom?
- Salt: Is key derivation/expansion using enough Salt for repeated uses?
- Zeroing keys: Are keys being properly destroyed after use?
- Constant Time: Are side channel attacks open?
wolfSSL currently has millions of build permutations. Looking for the ideal custom build to maximize your environment, requirements, and security? Some of our customers need a custom build for wolfSSL or wolfCrypt. Custom build goals can include:
- Building with or without alternative cryptography, for example, a custom crypto library or cipher or hardware encryption
- Building without unnecessary protocols, for example TLS 1.0 and 1.1
- Building for minimum size
- Building for maximum security
- Building for maximum performance
- Some combination of the above
Rip and Replace Competitive Upgrade
We will help you move from an outdated, orphaned, or overpriced SSL library to the wolfSSL embedded TLS library with low cost and minimal disturbance to your code base. The purpose of this program is to enable users who are currently spending too much on their embedded SSL implementation to move to wolfSSL with ease.
An outline of the Competitive Upgrade Program:
You need to currently be using a commercial competitor to wolfSSL.
You will receive up to two weeks of on-site consulting to switch out your old SSL library with wolfSSL. Travel expenses are not included.
Normally, two weeks is the right amount of time for wolfSSL to make the replacement in your code and do initial testing. Additional consulting on a replacement is available as needed.
You will receive the standard wolfSSL royalty free license to ship with your product.
Phone: +1 (425) 245-8247