Our clients include leading internet service providers, utility companies, medical device companies, consumer product manufacturers, law firms, and investment firms. Every River Loop Security engagement is tailored to meet our clients’ unique needs, and every project begins with a thorough understanding of clients’ security objectives.

We offer advisory input, deep technical assessment, and co-development, depending on client needs’ and the lifecycle of their products. We encourage clients to engage our services early in their product development cycle so that we can assist in designing a secure system from the start; we understand, however, that early engagement is not always possible and are available for consultation at any stage of development or deployment.

Our team adheres to ethical codes of conduct to maintain the confidentiality, integrity, and availability of your systems. We take client confidentiality very seriously and make a clear distinction between consulting services and open source community contributions.

We excel at solving problems, ranging from tactical to strategic, and are available for rapid turnaround consultations, system evaluations, or comprehensive security strategies.

Contact us so we can discuss your needs.

Hardware assessment and penetration testing

We perform black or white-box analysis of hardware systems, ranging from embedded systems to consumer products to large scale infrastructure. Our engineers work closely with our security experts to examine each part of clients’ systems down to the circuit board, and we assess threat vectors to the firmware. We often build custom tools to extract code, keys, and more, based on client needs.

Wireless reverse engineering

We perform in-depth wireless security assessments including radio frequency (RF) protocol reverse engineering and wireless penetration testing. We also provide consultation and design services to assist our clients in developing secure wireless systems. Our RF engineers, reverse engineers, and cryptographers work together to deliver complete solutions.

Hardware Supply Chain Security

We assess devices to look for anomolies at the hardware level which could indicate supply-chain security issues. We work with your team to develop tactical plans for reviewing hardware security while developing strategies to reduce risk in the future.

Threat modeling & risk assessment

Our experts review clients’ system designs, business needs, and risk profiles to recommend proven security techniques, industry best practices, and help prioritize items for deep security assessments.

Cryptography design and review

We recommend appropriate cryptographic protocols for your use cases, and review cryptographic designs and algorithm implementations to assess and improve their security.

Network scanning, including device enumeration and vulnerability analysis

We perform discovery of an organization’s true internet or intranet facing exposure, and determine what platform or application vulnerabilities exist.

Software and system penetration testing

We apply in-depth knowledge of real-world threats to identify and mitigate vulnerabilities that could be used by attackers to breach the security of clients’ software, networks, and other systems. We work closely with our clients to formulate appropriate test procedures, which could include checking for application vulnerabilities, social engineering, or physical penetration testing.

Disclosure response consulting

Our team validates findings, compares solutions with best practices, and offers expert advice to the response teams when clients experience reported product vulnerabilities from external researchers.

Custom security tools, including code and/or hardware development

We have experience developing custom software solutions on platform and embedded devices. We have in-house PCB design and assembly capabilities for custom hardware to interface with unique target devices.