Security Audit 2025 March

OpenG2P partnered with Nucleus Systems (formerly GHSC) to conduct an independent third-party security audit of OpenG2P platform. During this exercise, Nucleus Systems performed a comprehensive set of web and API penetration tests on four key applications of the OpenG2P platform:

1. Social Registry

2. PBMS

3. SPAR

4. G2P Bridge

These technical assessments were conducted in accordance with OWASP and industry best practices to identify critical security flaws and assess the platform’s risk posture. All four applications achieved the highest risk rating (A+), indicating an overall low risk posture in line with best practices.

This milestone reaffirms the strength and resilience of our platform and provides added assurance to governments and partners looking to integrate OpenG2P into their infrastructure.

The final reports of the audit are available below.