People have been asking (me of all persons) about a Security Audit for Enpass, or crowdfunding one.
That is actually not the problem here. Check out their thread on the support forum. A customer asks:
I understand that you do not wish to open-source your product, but I am reluctant to use it because of the fact it is closed-source, the company is based in India (yes, this matters) and there is no information about the development team.
Have you considered having an independent 3rd-party audit your source-code on a regular basis as a way to gain credibility without open-sourcing your product?
and answers can be found further down here:
We would plan for the Security Audit after the Next major release i.e. Enpass 6 as that would have a fat list of features worthy enough for security audit. Please bear with us.
I truly understand concern of all you guys regarding the third party audit. But as I said in my last post that getting the third party audit done for the current architecture will no longer be useful after the next major release, supporting multiple vaults with new architecture. So please bear with us until the next major version is ready for our lovely users (under development).