2 Audits
Mathijs van Veluw edited this page 2024-11-18 21:01:33 +01:00

Vaultwarden Audits

Vaultwarden has been audit by security companies which helps keeping Vaultwarden secure.

Some audits were done without publishing anything data publicly because the companies which requested the audit with those security companies didn't allowed it, but those researchers did provide the results.

Some audits are publicly published and can be accessed by everyone.

Audit by BSI

Note

The site and report are both in German

BSI (Bundesamt für Sicherheit in der Informationstechnik), a German institute performed an audit on Vaultwarden v1.30.3 under there CAOS (Codeanalyse von Open Source Software) project.

The press release, including the PDF with the results for Vaultwarden can be found here: https://www.bsi.bund.de/DE/Service-Navi/Presse/Alle-Meldungen-News/Meldungen/Codeanalyse-KeePass-Vaultwarden_241014.html

They even have a more detailed ZIP file with all raw information located here: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Downloadserver/P486/CAOS_Vaultwarden.html


As a reference you can download the report here: