Pushing Boundaries

Top-notch device security expertise at your service.

Explore

Get in touch!

Our services

We add value to your business

Going the extra mile for providing the best Device Security expertise possible.

Knowledge

We leverage our extensive knowledge on device-level security (e.g. Secure Boot, TEEs) and advanced testing techniques (e.g. Fault Injection) for securing your product.

Moreover, our insightful training program and other innovative services can significantly contribute to your company’s knowledge development.

Expertise

We have tested, broken and secured countless secure products, at a professional lab level. Across multiple industries and against all range of adversaries.

We have witnessed first-hand the progress of security in the last 10 years within a wide variety of devices used by different markets (e.g. Mobile, Payment, Automotive, Industrial, IoT).

Research

Research is a core activity at Realize. We actively pursue areas of interest to us and our customers. You can read our research results on our blog on this website.

We would be happy to help you with the identification of new ways to attack or secure your product’s software and hardware.

Perspective

We take in your product’s design or implementation as a whole, aiming to contribute to its security from its hardware foundations to its critical software layers.

We always analyze devices or components thereof with an eye for the system it operates in. We adapt our approach to the needs and threats applicable for your use case or business case.

Recent Projects


Secure Code Review
Trusted Application

We reviewed the code of a TA, executed within a TEE, which implemented a DRM solution.

We identified multiple vulnerabilities that can be exploited from the REE or other TAs, by attackers with and without physical access to the device.

Secure Architecture Review
System-on-Chip (SoC)

We reviewed the security architecture of a modern SoC implementing the ARMv8 architecture.

We found multiple vulnerabilities and weaknesses in the SoC’s OTP controller, TZASC and TZPC. Also, we identified several potential fault injection vulnerabilities.

Penetration Test
Embedded Device

We used a (hardware) flash programmer to extract the software from the device and performed binary analysis.

We identified multiple exploitable vulnerabilities that can be exploited by attacker with and without physical access to the device.

Architecture Review
TEE Operating System (OS)

We used our TEE expertise to support a manufacturer during the design and implementation of a TEE OS.

As our services were requested during the development phase, we were able to guide the manufacturer towards a stronger implementation before the product’s release.

Private TEE Training
Manufacturer and Security Lab

We gave our TEEPwn training in a private setting to the personnel of a manufacturer and a security lab.

During these trainings the attendees worked their way through many hands-on exercises, immediately applying the concepts received during lectures.

Secure Code Review
ROM bootloader

We reviewed the code of a ROM bootloader implemented by a System-on-Chip (SoC).

We identified multiple vulnerabilities in the recovery mode implemented by the ROM code, which could be exploited by an attacker with physical access.

Marc Witteman

Marc Witteman

CEO, Riscure

While Raelize is a young company, it already has an impressive amount of knowledge and experience. I have worked with both Cristofaro and Niek, and recommend them for their high ethical and quality standards.

Saumil Shah

Saumil Shah

Co-Organiser, Ringzer0 Training

The crew at Raelize, Cristofaro Mune and Niek Timmers, bring technical excellence coupled with several years of experience in the cybersecurity field both from a hardware and a software perspective. I have followed their work over the past decade. They have managed to demonstrate on several occasions ‘making the theoretical, practical’. If you really want to learn about controlled attacks on secured environments, be it secure boot, or be it secure enclave, the folks at Raelize have got you covered!

Antriksh Shah

Antriksh Shah

Co-Founder, Payatu

We are extremely honored to have had Niek Timmers and Cristofaro Mune as trainers at our flagship events nullcon & hardwear.io since the last two years. Their research has always caught the attention of the technical audience and the industry definitely learns a lot of from their publications. We wish them both great success.

Latest Posts

View All Posts

Contact Us

Contact Details

Feel free to contact us, we will be happy to listen and support.

Meeuwenlaan 20, 3055 CL, Rotterdam, The Netherlands
Email: info@raelize.com
VAT: NL861445934B01
KVK: 78549477