Yes, Canary has undergone a white-box audit by a leading European cybersecurity firm. The audit included all aspects of Canary's encryption handling, including key storage, database security, encryption library review, etc.
In addition, all aspects of Canary's Push notification server and other server-enabled features such as cross-device sync were also audited.
All recommendations from the audit have been implemented.
If your organization is interested in arranging an independent audit prior to switching to Canary, you may reach us here. Please note that this requires a minimum purchase of 100 licenses and all applicable expenses must be borne by your organization.