Beyond Security joins the growing list of company’s who continue to grow and support the ISASecure Certification Program
Research Triangle Park, North Carolina, USA (12 July 2017)—The ISA Security Compliance Institute (ISCI) announced today that the beSTORM® software security testing tool from Beyond Security has been formally recognized for official use by certification bodies in the EDSA 2.0.0 and SSA 2.0.0 ISASecure® control systems cybersecurity certification shemes.
Communication Robustness Testing (CRT) is one of four dimensions of ISASecure control systems certifications. CRT tools are also used for network stress testing during system level certifications.
beSTORM is a commercial, black box, intelligent fuzzer that performs dynamic security testing of products in development and can be used by network administrators to certify the security of networked applications before deployment.
ISCI publishes CRT test tool recognition requirements for evaluating CRT test tools submitted by suppliers for use in the IEC 62443 based ISASecure certification program. CRT test tools that have been formally recognized by ISCI may be used by ISASecure certification bodies for use in the CRT portion of the ISASecure EDSA and ISASecure SSA certifications.
The ISASecure® tool recognition process confirms that the product’s test suites meet the ISASecure CRT requirements and are capable of consistently executing ISASecure certification tests.
ISCI recomends that suppliers use ISCI-recognized CRT test tools during the product development and testing phases to identify and correct network-based security vulnerabilities. Using recognized CRT tools during the development process also aids suppliers in preparing for formal ISASecure certifications.
The beSTORM Test tool registration and certificate can be viewed on the ISCI web site (www.isasecure.org).
"Beyond Security continues to update their products in support of the ISASecure CRT tool requirements," said Andre Ristaino, ISCI Managing Director. “We are pleased to congratulate Beyond Security on this recent achievement.”
About Beyond Security and beSTORM Beyond Security's solutions, AVDS and beSTORM, accurately assess and help resolve security weaknesses in networks, web applications, industrial systems and networked software. We help businesses and governments simplify and improve the accuracy of their network and application security testing and thus reduce their vulnerability to attack and data loss. Our product lines, AVDS (network and web application vulnerability assessment) and beSTORM (software security testing), will help you secure your network and applications, comply with your own security policy requirements and exceed industry and government security standards.
beSTORM performs comprehensive dynamic security analysis on any software. It will discover security vulnerabilities without access to source code. beSTORM tests any protocol, even those used in process control and aerospace applications.
beSTORM® is a registered trademark of Beyond Security.
Beyond Security press contact: Brian Pearce +1 408-724-9221
About the ISA Security Compliance Institute (ISCI) Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cybersecurity of industrial automation control systems (IACS).
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cybersecurity posture of Critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Invensys (now Schneider Electric), Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.
The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The ISASecure® designation ensures that IACS products conform to industry consensus cybersecurity standards such as IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification (www.isasecure.org).
ISASecure® is a registered trademark of the ISA Security Compliance Institute.