Corellium Security Details
Encryption
All virtual device data is encrypted at rest. The keys are known only to the main database and, temporarily, to the particular compute node responsible for running the virtual device while it is running.
Deletion
When a virtual device is deleted, it is securely erased, and all device data is immediately erased in S3. Device metadata, such as the name of the device and the OS version, is stored in backups, which are securely deleted every 90 days. When a user deletes an account, all devices in that account are erased, and we only preserve analytics data restricted to account subscription and account deletion.
Compartmentalization
Customers are logically compartmentalized according to their Domains. For Enterprise accounts, further compartmentalization can be achieved with Projects. Project networks are completely segregated and are implemented as network namespaces within each compute node.
The links between project networks spanning multiple compute nodes are protected with a VPN connection that is encrypted with a unique per-project key generated on project creation. External VPNs to the client are also encrypted with a unique per-project key generated on project creation, and each VPN client (e.g. user) has its own unique certificate and key. There’s a per-project key such that without it, TLS negotiation cannot even start. These external VPNs are run from one of the compute nodes and go directly and only to the project network namespaces.
Tenants and devices share the same physical machines and management services on the physical machines, but those management services enforce access controls. The virtual devices are virtual machines segregated onto dedicated CPU cores at the EL2 level.
Command and control network communication between different nodes is uniquely authenticated and encrypted by TLS. Additionally, only network access necessary for the functioning of the system is permitted. Compute nodes are only given access to information necessary to run the virtual devices that are assigned to them.
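The external-VPN statement above, that TLS negotiation cannot start without the per-project key, can be illustrated with a keyed pre-authentication gate in front of the TLS stack. This is an added example, not Corellium's code: the page does not name the mechanism, and the HMAC-plus-timestamp wrapper (similar in spirit to OpenVPN's tls-auth), the function names, and the 30-second window are all assumptions.

```python
import hashlib
import hmac
import os
import struct
import time
from typing import Optional

TAG_LEN = 32    # HMAC-SHA256 output size in bytes
MAX_SKEW = 30   # assumed tolerance (seconds) between packet timestamp and gate clock


def new_project_key() -> bytes:
    """Generate a fresh random key, as would happen once at project creation."""
    return os.urandom(32)


def wrap(project_key: bytes, payload: bytes, now: Optional[float] = None) -> bytes:
    """Client side: prefix a handshake packet with an HMAC tag and a timestamp."""
    ts = struct.pack(">Q", int(time.time() if now is None else now))
    tag = hmac.new(project_key, ts + payload, hashlib.sha256).digest()
    return tag + ts + payload


def gate(project_key: bytes, packet: bytes, now: Optional[float] = None) -> Optional[bytes]:
    """Server side: return the payload for the TLS stack, or None to drop it."""
    if len(packet) < TAG_LEN + 8:
        return None                       # too short to carry tag + timestamp
    tag, ts = packet[:TAG_LEN], packet[TAG_LEN:TAG_LEN + 8]
    payload = packet[TAG_LEN + 8:]
    expected = hmac.new(project_key, ts + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None                       # wrong or missing project key
    current = time.time() if now is None else now
    if abs(current - struct.unpack(">Q", ts)[0]) > MAX_SKEW:
        return None                       # stale packet, limits replay
    return payload


if __name__ == "__main__":
    key_a, key_b = new_project_key(), new_project_key()  # two constructed projects
    hello = b"constructed ClientHello bytes"             # stand-in for a TLS record
    print("same project:", gate(key_a, wrap(key_a, hello)) == hello)
    print("other project's key:", gate(key_a, wrap(key_b, hello)))
    print("no wrapper:", gate(key_a, hello))
```

Because the gate drops unauthenticated packets before any TLS code runs, a client holding a valid certificate for one project still cannot begin a handshake against another project's VPN endpoint.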