The ISA Security Compliance Institute has announced today that the beSTORM software security testing tool from Beyond Security has been formally recognized for official use by certification bodies in ISASecure industrial automation and control system (IACS) cybersecurity certification program.
Communication robustness testing is one of four dimensions of the embedded device certification. CRT tools are also used for network stress testing during system level certifications. With this recognition, Beyond Security joins the growing list of cyber security organizations supporting the ISASecure certification scheme.
beSTORM is a commercial, black box, intelligent fuzzer that performs dynamic security testing of products in development and can be used by network administrators to certify the security of networked applications before deployment. Software QA departments that may be using a dozen different tools to test application security can now get all dynamic security testing done with just one. Administrators who must certify applications before deployment can now use one tool to test all networked applications - even those with proprietary protocols.
The ISA Security Compliance Institute publishes CRT test tool recognition requirements used for evaluating CRT test tools submitted by suppliers for use in the ISASecure certification program. CRT test tools that have been formally recognized by ISCI, may be used by ISASecure certification bodies for use in the CRT portion of the ISASecure EDSA and ISASecure SSA certifications.
The ISASecure tool recognition process confirms that the product's test suites meet the ISASecure CRT requirements and are capable of consistently executing ISASecure certification tests.
ISCI recommends that suppliers use ISCI recognized CRT test tools during the product development and testing phases to identify and correct network based security vulnerabilities. Using recognized CRT tools during the development process also aids suppliers in preparing for the formal ISASecure EDSA certification assessment
The beSTORM Test tool registration and certificate can be viewed on the ISA Security Compliance Institute (ISCI) web site (www.isasecure.org).
"We are pleased that the Beyond Security team has presented beSTORM for recognition as an ISASecure CRT testing tool. " said Andre Ristaino, ISCI Managing Director. "It requires a long term commitment to the ISASecure global certification scheme and we're happy to have beSTORM recognized and on board."
About Beyond Security and beSTORM
Beyond Security's solutions, AVDS and beSTORM, accurately assess and help resolve security weaknesses in networks, web applications, industrial systems and networked software. We help businesses and governments simplify and improve the accuracy of their network and application security testing and thus reduce their vulnerability to attack and data loss. Our product lines, AVDS (network and web application vulnerability assessment) and beSTORM (software security testing), will help you secure your network and applications, comply with your own security policy requirements and exceed industry and government security standards.
beSTORM performs comprehensive dynamic security analysis on any software. It will discover security vulnerabilities without access to source code. beSTORM tests any protocol, even those used in process control and aerospace applications.
beSTORM is a registered trademark of Beyond Security.
Beyond Security press contact:
+1 408 724 9221
About the ISA Security Compliance Institute (ISCI)
Founded in 2007, the ISA Security Compliance Institute's mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Invensys (now Schneider Electric), Yokogawa, Exida, Codenomicon, CSSC, and IPA-Japan.
The Institute's goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers' development processes and users' life cycle management practices. The ISASecure designation ensures that IACS products conform to industry consensus cyber security standards such as ISA/IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification. www.isasecure.org
ISASecure is a registered trademark of the ISA Security Compliance Institute.
ISCI press contact: