E
Eddie Morra
Thread author
Hiya.
Many friends of mine are very big fans of default-deny solutions and I've noticed that VoodooShield is being mentioned a lot on the forums. I'm currently trying to learn more about the company which owns VoodooShield (VoodooSoft, LLC), as well as how well organised the VoodooShield project is in general, but I've not had much luck in finding the answers to many questions which I have.
I'm going to list all of the questions I am seeking an answer for at the moment and am hopeful that there'll be someone around here with the answers, combined with a reputable source to help validate the correctness of the answers.
General company questions.
VoodooShield specific questions.
I am aware that the chances of my questions being answered with thorough detail and correct, clear and precise English skills is extremely slim, but the above are the questions I currently have and I will appreciate it if any of them can be answered with accuracy, combined with at-least one reputable source to help with accuracy validation.
Kind Regards.
Many friends of mine are very big fans of default-deny solutions and I've noticed that VoodooShield is being mentioned a lot on the forums. I'm currently trying to learn more about the company which owns VoodooShield (VoodooSoft, LLC), as well as how well organised the VoodooShield project is in general, but I've not had much luck in finding the answers to many questions which I have.
I'm going to list all of the questions I am seeking an answer for at the moment and am hopeful that there'll be someone around here with the answers, combined with a reputable source to help validate the correctness of the answers.
General company questions.
- Which country is VoodooSoft, LLC situated under? (I am assuming United States currently).
- Who is the Chairman, Chief Executive Officer, Chief Operating Officer, Chief Financial Officer, and Secretary of VoodooSoft, LLC?
- Does VoodooSoft, LLC comply with GDPR, and if so, how is this compliance managed (e.g. Data Protection Officer)?
- Does VoodooSoft, LLC have any investors, and if so, who are they and how large are the investments?
- Does VoodooSoft, LLC have a past or active relationship with any government agencies?
- Does VoodooSoft, LLC have any legally-employed staff who are working full-time?
- If the answer to the third question is no, does VoodooSoft, LLC have any freelancers which are relied on as and when they are needed, and if so, where can I find more information about who these freelancers are, as well as their portfolio?
- Does VoodooSoft, LLC have an actual headquarters/office building?
- Does VoodooSoft, LLC have any history with investigation from law enforcement? If no, are there any current investigations from law enforcement?
- Does VoodooSoft, LLC have any acquisition/merge deals pending or actively in the works?
- Does VoodooSoft, LLC contribute to the open-source community in any shape or form?
- Does VoodooSoft, LLC make use of any content provided from the open-source community?
- Does VoodooSoft, LLC have any patents and if so, where can I find information on any of the patents?
- Does VoodooSoft, LLC rely on any third-party technology for any of their services, and if so, which third-party technology?
- What are the biggest challenges that VoodooSoft, LLC has faced in the past 6 months?
- What are the biggest opportunities which VoodooSoft, LLC has taken advantage of since it was founded?
- Who are VoodooSoft, LLC's main competitors and why do they deserve to be at the same playing field for competition as any mentioned alleged competitors?
- Where is VoodooSoft, LLC heading over the course of the next 5 years (in terms of direction)?
VoodooShield specific questions.
- Does VoodooShield license its technology to any third-party companies, and if so, which companies are licensing from VoodooSoft, LLC?
- Does VoodooShield get audited by any professional, well-known and reputable companies? If so, where can I find more information about how these audits are conducted, as well as review information from the audits such companies have performed on VoodooShield?
- Does VoodooShield perform automated stress-testing/fuzzing? If so, are such automated tests performed before each new release?
- Does VoodooShield make use of Microsoft's Driver Verifier for their kernel-mode software, and if so, are there any reported issues?
- Does VoodooShield follow Microsoft's Driver Security Checklist for their kernel-mode software? If not, can I please have an explanation as to why such was not followed?
- If applicable for VoodooShield, does VoodooShield use Microsoft's Security Development Lifecycle (SDL) to help it find mistakes earlier on and improve the quality of future work?
- Since VoodooShield does make use of the .NET Framework, how is the .NET Framework used exactly?
- Does VoodooShield follow Microsoft's secure coding guidelines for the .NET Framework?
- On average, how many active customers are there of VoodooShield on a monthly basis?
- How many total sales have been made for VoodooShield Pro since it was first introduced?
- How many bug reports have been made over the period of the last year (including Beta versions)?
- Out of all of the bug reports which have been made over the period of the last year, how many of them remained unsolved after a duration of one month, and are there any which have remained unsolved for over 3 months?
- Following on with question #12, how many unfixed bugs are currently known about, and can details please be shared on who reported the bugs, when the bugs were reported, and what has already been done for investigation/resolution?
- Does VoodooShield hire independent penetration testers to try and break VoodooShield to catch out new ways of attacking the service (both the local software as well as any available online services which are in-house and may be relied on by VoodooShield)? If so, which independent penetration testers have been hired (where can I learn more about who they are as well as their background and examples of work)?
- Has VoodooShield's source code ever been requested by a government agency?
- Has VoodooShield ever been caught out (with concrete evidence that can be shared) preventing an exploit attack which was crafted by a government agency during a real, non-staged and non-PoC attack on a real customers machine? If so, please also provide concrete evidence (which can be considered valid under the eyes of the law for both the United States and the European Union) that such was really from a government agency (as well as an explanation on which government agency was responsible) and that the attack was also actually performed by a government agency.
I am aware that the chances of my questions being answered with thorough detail and correct, clear and precise English skills is extremely slim, but the above are the questions I currently have and I will appreciate it if any of them can be answered with accuracy, combined with at-least one reputable source to help with accuracy validation.
Kind Regards.