Softstack, DORA Compliance Services Review
4.3 out of 5
Cybersecurity / crypto-nativeSoftstack (formerly Chainsulting) is a Germany-based security firm specialising in smart-contract audits, blockchain security reviews, and penetration testing. For DORA, its relevance sits in the ICT security-testing and third-party-risk pillars, particularly for crypto-asset service providers, tokenisation platforms, and fintechs handling digital assets.
Overview
| Founded | 2017 |
|---|---|
| Headquarters | Germany |
| Team size | Mid-size |
| Pricing band | Mid |
| DORA Auditor score | 64/100 |
| Website | softstack.io |
DORA services
- Penetration testing
- ICT security testing
- Smart-contract audits
- Digital asset risk assessments
- Security consulting
Who they serve
Crypto-asset service providersFintech startupsICT third-party providersBanksInsurance companiesInvestment firmsPayment institutions
Strengths
- Deep ICT and crypto-native security-testing expertise relevant to DORA's resilience-testing pillar
- Strong, publicly documented client track record with a stated zero post-audit exploit history
- EU-based (Germany), aligning with DORA's supervisory context
Limitations
- Focused on security testing rather than full-scope DORA governance, audit, and regulatory advisory
- Public pricing is limited, so engagement cost is quote-based and varies by scope
Compare Softstack
Frequently asked questions
Does Softstack offer DORA gap assessments?
Softstack focuses on penetration testing and ict security testing; confirm gap-assessment scope directly.
What entity types does Softstack serve for DORA?
Softstack works with crypto-asset service providers, fintech startups, ict third-party providers, banks, insurance companies, investment firms, payment institutions.
How much does a DORA engagement with Softstack cost?
Pricing is mid-tier and typically scoped per engagement. Contact Softstack for a quote.
Sources
Provider data is compiled from public sources and reviewed against our methodology. Last verified 2026-07-10.
