Skip to main content
DORA Auditor

Softstack, DORA Compliance Services Review

4.3 out of 5
Cybersecurity / crypto-native
Last updated: 2 authoritative sourcesDORA Auditor Editorial TeamMethodology
Softstack (formerly Chainsulting) is a Germany-based security firm specialising in smart-contract audits, blockchain security reviews, and penetration testing. For DORA, its relevance sits in the ICT security-testing and third-party-risk pillars, particularly for crypto-asset service providers, tokenisation platforms, and fintechs handling digital assets.

Overview

Founded2017
HeadquartersGermany
Team sizeMid-size
Pricing bandMid
DORA Auditor score64/100
Websitesoftstack.io

DORA services

  • Penetration testing
  • ICT security testing
  • Smart-contract audits
  • Digital asset risk assessments
  • Security consulting

Who they serve

Crypto-asset service providersFintech startupsICT third-party providersBanksInsurance companiesInvestment firmsPayment institutions

Strengths

  • Deep ICT and crypto-native security-testing expertise relevant to DORA's resilience-testing pillar
  • Strong, publicly documented client track record with a stated zero post-audit exploit history
  • EU-based (Germany), aligning with DORA's supervisory context

Limitations

  • Focused on security testing rather than full-scope DORA governance, audit, and regulatory advisory
  • Public pricing is limited, so engagement cost is quote-based and varies by scope

Compare Softstack

Frequently asked questions

Does Softstack offer DORA gap assessments?
What entity types does Softstack serve for DORA?
How much does a DORA engagement with Softstack cost?

Sources

  1. Softstack official site
  2. Softstack audit portfolio (GitHub)

Provider data is compiled from public sources and reviewed against our methodology. Last verified 2026-07-10.