Authorized Certification Body (ACB)

Mobile Device Platform Security Testing

ICSA Labs tests the built-in security functions in smart phones and tablets for cellular service providers/carriers and mobile device manufacturers.

learn more

Advanced Threat Defense - Email

Every quarter, ICSA Labs tests email security solutions that are designed to protect enterprises from new & little-known malicious threats in email.

Secure SD-WAN

In this annual testing program we test your SD-WAN solution’s support for multiple WAN paths, dynamic path selection and auto-provisioning of edge devices. We also test that it is invulnerable to attack and provides its SD-WAN features securely.

ONC Health IT

As an Accredited Test Lab and Office of the National Coordinator Authorized Certification Body (ONC-ACB), ICSA Labs is authorized by the US government to test and certify Health Information Technology products that support Meaningful Use.

Web Application Firewalls

In annual WAF testing, ICSA Labs attempts to defeat or circumvent the WAF product's security policy. Attacks used in testing include DoS, buffer overflow, cross site scripting (XSS), cross site request forgery (CSRF), improper input validation, session mismanagement, information leakage, and other web application threats.

Network IPS

We annually test intrusion prevention systems (IPS) to see how well they protect against client and server-side attacks aimed at high severity vulnerabilities in enterprise software and how well the product protects against evasion techniques.

Network Attached Peripherals

NAPS will verify that a network attached peripheral will not introduce vulnerabilities to the network where it is installed, and is not vulnerable to exploitation itself, while still providing its intended services to users.

IPSec VPN

ICSA Labs annually tests that VPN products interoperate with others in accordance with the IKEv2 and IPsec standards. For VPNs that support certificate-based signatures, ICSA Labs tests certificate installation & validation. Testing also verifies that cryptographic algorithms are properly implemented and that products are resistant to known IPsec VPN attacks.

Anti-Malware

As malware increases and evolves, third-party testing by ICSA Labs is increasingly important. That's why ICSA Labs performs monthly testing of endpoint and network-based anti-malware products.

Authorized Test Lab (ATL)

IoT Security & Privacy

Depending on the kind of IoT device/sensor, ICSA Labs first chooses a suitable set of testing elements from its "IoT Security Testing Framework." The labs then tests to determine if the IoT device/sensor includes adequate security for its intended application and environment.

Firewalls

In firewall testing ICSA Labs annually tests that the network firewall is stateful and can enforce a security policy. We also test that the firewall itself can withstand attacks, including DoS attacks.

SSL-TLS VPN

In annual SSL-TLS VPN testing of products providing secure remote access to corporate resources, ICSA Labs tests that the different operation modes work properly, including a web-based Reverse Web Proxy and a Layer 3 VPN tunnel. Proper implementation of TLS, management/validation of certificates, enforcement of auth policies, and session control and cleanup are also examined.

Custom Testing

Custom testing services offer customized, 3rd party, expert evaluation and certification testing services designed to meet the specific needs of vendors and corporations.

Advanced Threat Defense (ATD)

ICSA Labs performs quarterly security testing of solutions that are designed to protect enterprises from new & little-known malicious threats.

Testing Services

what's new

Microsoft's Azure Firewall maintains ICSA Labs Firewall Certification

July 21, 2021

After recent testing, Microsoft's Azure Firewall met all of ICSA Labs' firewall security testing requirements. As a result, it retained ICSA Labs Firewall Certification j.mp/2021_azurefw_icsa.

Quarterly Advanced Threat Defense (ATD) Test Results Are Posted Following Q2 2021 Testing

July 14, 2021

The constant stream of newsworthy, security breaches needs to be your wakeup call! We suggest that you use only anti-malware solutions that have passed - and that continue to pass - our independent, quarterly, malicious advanced threat defense testing. After 33 straight days of Q2 2021 ICSA Labs advanced threat defense (ATD) testing, only 7 security solutions from the following list of companies passed our tests: AhnLab, GoSecure, Juniper Networks, RevBits, Sequretek, SonicWall, & Trend Micro. For more, click on this news item or refer to j.mp/icsa_atd.

Juniper Networks vSRX Virtual Firewall maintains ICSA Labs Firewall Certification

June 28, 2021

After recent testing, the vSRX Virtual Firewall from Juniper Networks met all of ICSA Labs' firewall security testing requirements. As a result, it retained ICSA Labs Firewall Certification j.mp/2021_vsrx_icsa.

Taqnia Cyber's RAD NGFW attains ICSA Labs Firewall Certification

June 22, 2021

Congratulations Taqnia Cyber! The RAD NGFW met all of ICSA Labs' requirements during security-based certification testing to attain ICSA Labs Corporate Firewall Certification j.mp/2021_radngfw_icsa

Citrix ADC WAF 14020 maintains ICSA Labs Web Application Firewall Certification

May 24, 2021

After recent security testing, the Citrix ADC WAF 14020 met all of ICSA Labs' web app firewall security testing requirements thereby retaining ICSA Labs WAF Certification j.mp/2021_citrix_waf_icsa. Congratulations Citrix!

more >

30 years of security testing

Read our report commemorating twenty-five years of ICSA Labs security testing. The report documents ICSA Labs' quarter century of testing experience, evolution, and explains how our security testing benefits the security industry and enterprises alike.

2020 testing awards

Excellence in Information Security Testing

ICSA Labs' EIST awards recognize vendors for outstanding achievement in the area of information security certification testing with ICSA Labs. The awards are presented annually to makers of security products that achieve five, ten, fifteen or twenty years of continuous security testing with ICSA Labs. Visit the EIST Awards page for more information on current and previous award winners.

ICSA Labs Certified Products

Product Vendors

Browse By Technology: Search By Keyword:

Browse all Product Certifications

blog

High levels of Locky Ransomware in .7z archives during Q4 2017

BY Jack Walsh

January 12, 2018

It was once only a pipedream that a security product would be able to detect unknown, new malware. But as highlighted by ICSA Labs’ quarterly-recurring advanced threat defense (ATD) security certification testing, there is in fact a short list of security vendors that not only detect new threats, but do it well

Ransomware Higher During Q3 Advanced Threat Defense Testing

BY Jack Walsh

October 11, 2017

ICSA Labs encourages enterprises to consider the results of its quarterly advanced threat defense (ATD) security testing and to demand only ICSA Labs certified ATD solutions. In ATD and the related ATD-Email testing, ICSA Labs tests to see how well security vendor solutions detect new and little-known malicious threats. Testing for Q3 2017 just recently concluded and the results are posted.

View Latest Blogs

video

February 9, 2017

Canary's CTO discusses the value of ICSA Labs' IoT Security Certification

Canary Connect, Inc. is a video-driven home security company that helps consumers safeguard their home by sending alerts to an app on a smartphone when activity is detected. It was important to Canary that the Canary all-in-one security solution was substantiated by security professionals. The company worked with ICSA Labs to ensure this device met appropriate and recommended security requirements, as set forth in the ICSA Labs IoT Security Framework. Chris Rill, co-founder and CTO of Canary, discusses the value of IoT Device Security Certification offered by ICSA Labs.

View Latest Videos