Technology

In today’s fast-moving markets, too many companies rush to release products to gain a competitive edge, but without sufficient thought about security. 

The more cyber security mature and regulated sectors such as financial services or telecoms already recognise the risks and will penetration security test products to ensure that they will not compromise user security.

But any company designing and manufacturing a product for the enterprise or SMB markets, whether it’s a printer, phone system or software application, should follow the same due diligence. This also applies to products going into peoples’ houses, consumer devices such as routers and set top boxes. 

These problems are rapidly becoming more urgent, with the rush to exploit and secure the Internet of Things and the promise of billions of connected devices. It’s always easier to design in security from the beginning than to think about it only when customers have been hacked.

At Context, our product security evaluation service is designed to help you ascertain how well a product has been developed from a security perspective, and how well it will stand up to a wide range of threats. Whether it's your product, or one you're thinking about buying, using or recommending, we will attack it like a hacker would, to find any vulnerabilities and likely areas of weakness. Think of it as red-teaming a product.

We use a wide range of tools and techniques for analysing the security of a product, depending on the relevant threats and the scope of the test. These may include anything from the network, radio-frequency, hardware, firmware and software perspectives. Many of these evaluations include several different aspects, depending on the product and the agreed scope of the evaluation.

Some of the devices and systems we have worked on include:

  • Consumer and enterprise networking equipment
  • CCTV, smart locks and security alarm systems
  • Consumer entertainment systems and mobile phones
  • Enterprise IP telephony and teleconferencing equipment
  • Industrial control systems, vehicles and high-assurance systems
  • HVAC, building management and access control systems
     

Contact us to see a sample report

If you have a product or software to test, please get in touch with our team. We can also send you sample report to take a look at.

CREST
CREST STAR
CHECK IT Health Check Service
CTAS - CESG Tailored Assurance Service
CBEST
Cyber Essentials
CESG Certified Product
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor