Faradai Confirms Successful Completion of Independent Security Verification for Its Carbon Management Platform

Faradai is proud to share the results of the independent security verification conducted by BTYÖN Technology A.Ş., carried out in line with OWASP 4.2, NIST, and TS 13638 standards, and officially approved in October 2025.

This third-party validation highlights Faradai’s ongoing commitment to data security, transparency, and continuous improvement across its carbon and ESG data management platform.

Security Assessment Overview

Between 3 and 5 September 2025, BTYÖN conducted an extensive web-application security test of the Faradai platform.

The assessment covered AI-powered data modules, report-generation services, and API endpoints used by enterprise customers.

All issues identified during the initial security assessment were resolved and re-validated as remediated.
The verification phase confirmed that all previously detected findings — including critical, high, medium, and low-level vulnerabilities — had been fixed and validated.

“Our clients expect their sustainability data to be managed with the same rigour as financial information,” said Bilal Ceylan, IT Security Lead at Faradai.
“This independent verification confirms that we maintain strong controls and transparent remediation processes across every layer of our platform.”

Assessment Highlights

• Conducted by BTYÖN Technology A.Ş., a certified penetration-testing firm accredited under TS 13638 Information Security Testing Standard
• Tested against OWASP Web Security Testing Guide (WSTG) categories, including authentication, authorisation, input validation, cryptography, and API exposure.
• Verified closure of findings such as:
  • Prompt-injection risks in AI interfaces
  • Cross-site scripting (XSS) in report-template modules
  • Insecure direct object references
  • Unrestricted file uploads and information-disclosure points
• All items confirmed remediated as of 25 September 2025

Ongoing Security Commitment

Faradai will continue to conduct periodic independent security testing and maintain ongoing monitoring of its SaaS infrastructure, data-handling processes, and AI-based components.

The company’s security roadmap includes annual third-party reviews to ensure continuous compliance with enterprise-grade information-security expectations.

About Faradai

Faradai is a technology company delivering software for carbon accounting, ESG reporting, and sustainability performance management.

Its platform supports enterprises and sustainability consultants in measuring, analysing, and reducing greenhouse gas emissions through data-driven insights.

For more detailed information about our platform’s security practices and ongoing commitment, contact us: [email protected] 📩