Product Security Evaluation

Product Security Evaluation

Have you ever thought about how your product would stand up against hackers? Or are you interested in how well a product has been developed before buying, using or recommending it? 

Our product evaluation service is designed to help you ascertain how well a product has been developed from a security perspective and the level to which it might stand up to relevant threats.

Whether it's your product, or one you're thinking about buying, using or recommending, we'll attack it like a hacker would, to find any obvious vulnerabilities and likely areas of weakness.

How we can help

This service is designed to deliver the level of assurance for the appropriate threats. It is not a full product assurance process, which can take many weeks (if you do want that, or want to sell to UK Government, look into CPA or CTAS), but a way of achieving a pragmatic measure of assurance in the security of a product.

Each assessment is tailored to the product and to your requirements. We will work with you to determine a suitable scope for the evaluation, taking into account the likely threat to the product and the impact of a breach in security. 

Our experience

Our Research team have a real mix of skills and experience, but share a core set of reverse engineering, vulnerability research and software development skills.

Previous customers include global technology vendors, corporate and government organisations.

As we won’t discuss previous customer tasks, here are some examples of what we've found in other commercial products that we investigated for our own research (use the links on the right hand side of this page to read more about each of them):

  • Turning a BLE stuffed toy into an espionage device
  • Hacking an Android based video-conference phone
  • Breaking Android phones with an SMS
  • Reverse engineering an outdoor cloud security camera to steal secrets, including the home network’s Wi-Fi password
  • Disabling a smart burglar alarm
  • Hacking into internet connected light bulbs
  • Hacking a wireless printer
     

Get in touch if you would like to see a sample report

CREST
CREST STAR
CHECK IT Health Check Service
CTAS - CESG Tailored Assurance Service
CBEST
Cyber Essentials
CESG Certified Product
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor