Understanding the benefits of certification is important for security product vendors and enterprises.
The first step is to understand what certification is and what it is not.
Certification is meant to test certain functions of a product against a specified set of criteria to validate that the product is performing in accordance with the requirements. In the case of antivirus (AV) products, there is a common misunderstanding that certification is solely focused on how well an AV product detects malware. This is not correct. Malware detection is only a part of AV certification testing. Beyond malware detection, ICSA Labs also tests administrative functions and logging to confirm they work properly.
To achieve certification, vendors undergo rigorous testing followed by monthly maintenance testing. When ICSA Labs engineers find issues, they require the vendors to correct them before the product can either achieve or maintain its ICSA Labs certification. In other words, a vendor must pass the testing to achieve certification from ICSA Labs, and must also maintain that certification through ongoing certification maintenance.
Also, ICSA Labs certification does not rank one product against another. A product is either certified or not, based on meeting the criteria, which are publicly available.
Whitehat engineers perform a valuable service by identifying vulnerabilities in vendors’ security products. This is important work; however, it is outside the scope of ICSA Labs’ testing and certification procedure. ICSA Labs believes in responsible disclosure and we disclose all vulnerabilities directly to the vendor. ICSA Labs does not post them in a public forum, which can result in further damage for the vendor and its customers.
Certification can carry positive and significant meaning for a vendor. For vendors or developers, certification is an independent mark that signifies that they have satisfied a rigorous set of standards for their product. Certification is also proof of a company’s due diligence and can be a competitive differentiator that provides assurance to its customers.
Data breaches today are impacting virtually every type of organization and they help highlight the importance of making the right technology decisions. A robust security program across an enterprise should be in a constant state of self-evaluation and development in order to achieve true protection against cyberthreats.
About George Japak
Managing Director, ICSA Labs
George Japak heads up ICSA Labs, an independent division of Verizon, where he oversees vendor-neutral testing and certification of systems, products and services, as well as manages consortia organized around technology and market segments.