ioXt Alliance Testing & Certification
Get tested and certified against the Standards for Global IoT Security.
The ioXt Alliance is a forward-thinking organization that is setting the global standard for the security of interconnected devices and applications. Comprised of hundreds of industry leaders, ioXt’s membership alliance has established eight clear principles that serve as the baseline for demonstrating product security to end-users, retailers, and ecosystem partners.
As an Authorized ioXt Lab, Bishop Fox is both a contributing member to the continued development of ioXt’s standards and a certified assessor of products. With deep knowledge of ioXt’s core principles and two decades of offensive security experience, Bishop Fox is uniquely positioned to streamline your path to certification.
d88P Y88b d8888
888 888 888
888 888 888
888 888 888
888 888 888
Y88b d88P 888
"Y8888P" 8888888
Demonstrate your commitment to IoT and product security.
ACHIEVE CERTIFICATION. DEMONSTRATE YOUR COMMITMENT TO PRODUCT SECURITY.
Our evaluation process is purpose-built to help organizations achieve accreditation and alleviate the burden of self-assessment procedures, resulting in:
- A higher probability of certification
- An accelerated timeframe to accreditation
- Quicker remediation in the event standards are not met
- Avoidance of time and fees associated with retesting
To learn more about how Bishop Fox can certify your product, simply complete the form on this page.
Start Your ioXt Assessment:
Thank you for submitting your request.
One of our ioXt team members will be getting back to you within the next two hours or by next business day if your inquiry is placed after business hours.
Have a great day!
d88P Y88b d88P Y88b
888 888 888
888 888 .d88P
888 888 .od888P"
888 888 d88P"
Y88b d88P 888"
"Y8888P" 888888888
Why Bishop Fox
Gain peace of mind with testing conducted by an industry leader who adheres to the rigor and gold standard of IoT testing.
Proven Delivery
With two decades of experience and over 6,000 engagements delivered, Bishop Fox is recognized as the authority in offensive security. We’ve worked with hundreds of organizations to improve the security of their IoT devices and applications.
Ingenuity in IoT
We’re proud to be the innovators behind many popular offensive security tools and well-known IoT research that have helped strengthen the defenses of organizations around the globe. We put this innovation to work for our clients.
Deep Domain Expertise
Our assessment covers the full spectrum of ioXt’s core principles, and we bring years of experience in device security across many industries, including utilities, vehicles, telecom, smart home, medical, security systems, electronic locks, and much more.
d88P Y88b d88P Y88b
888 888 .d88P
888 888 8888"
888 888 "Y8b.
888 888 888 888
Y88b d88P Y88b d88P
"Y8888P" "Y8888P"
FAQs
YOU HAVE QUESTIONS. WE HAVE ANSWERS
What is the ioXt Alliance?
This Alliance is the Global Standard for IoT Security. Founded by leading technology and product manufacturing firms, including Google, Amazon, T-Mobile, and Comcast, the ioXt Alliance is the only industry-led, global IoT product security and certification program in the world.
Why did Bishop Fox become a certified lab?
Bishop Fox has vast experience in IoT application and device testing. As an ioXt Certified Lab, clients have even greater peace of mind knowing that they are working with an industry leader who adheres to the rigor and gold standard of IoT testing.
Why would an organization choose a Certified Lab over self-certification
Certified Labs are well versed in conducting thorough examinations based on years of experience and domain expertise. This expertise leads to a higher probability of achieving certification.
Does Bishop Fox produce the same reporting for ioXt testing as their own product security review?
No. The reporting is based on the results of the ioXt profile test cases. Customers will be notified via the ioXt member portal of pass or fail for each test case.
Why should a company get ioXt Certified?
ioXt certification instills confidence in buyers, end users, and partners and shows your commitment to security. Certification also mitigates liability by showing adherence to industry standards, and “shares the load” by keeping the manufacturers of certified apps and devices informed of regulatory requirements and emerging threats.
What does it mean to be an ioXt Certified Lab?
The mission of the ioXt Alliance is to build manufacturer, developer, and consumer confidence in the security of IoT products. Authorized Labs are invaluable for building this confidence. They are the exclusive test providers for the ioXt Alliance and contribute input on ioXt standards.
Does Bishop Fox follow the same methodology for ioXt testing as its own product security review?
No, it follows the approved ioXt profiles. These profiles outline a series of test cases that follow the eight ioXt principles to provide guidelines for quantifying the appropriate level of security needed for a specific product. See more details here.
What specific types of vulnerabilities and weaknesses are being assessed?
The ioXt certification process covers a foundational level of security checks. Requirement details can be found here.
d88P Y88b d8P888
888 888 d8P 888
888 888 d8P 888
888 888 d88 888
888 888 8888888888
Y88b d88P 888
"Y8888P" 888
Customer Story
When Sonos was bringing a new voice-enabled speaker to the market, they turned to Bishop Fox to ensure that new product features didn't put customers at risk.
t Sonos, the hardware is a key component to the overall security posture. So having a partner that is comfortable with hardware-based penetration tests was very important to us. I’ve worked with a number of different vendors, but when it came time to figure out who to use for Sonos, I ultimately knew Bishop Fox was the best fit for us.
RELATED RESOURCES
Extend your knowledge with these IoT security related resources.
Blog Post
You're Doing IoT RNG
Learn why hardware random number generators (RNG) used by billions of IoT devices to create encryption keys don't always generate random numbers.
Blog Post
You're (Still) Doing IoT RNG
In this blog, we follow up on the systemic problem of insecure use of random number generators (RNGs) in the Internet of Things (IoT) industry.
Datasheet
Product Security Review Datasheet
Learn how to fortify your device security by leveraging a multi-point testing methodology that extends beyond known vulnerabilities to keep security issues from reaching production and avoiding real-world attacks.
Methodology
Product Security Review Methodology
Overview of Bishop Fox’s methodology for conducting product security reviews.
Blog Post
Product Security Review Methodology for Traeger Grill Hack
Read for an in-depth analysis of the Traeger Grill hack, uncovering the vulnerabilities that could compromise your grill's security and how they were addressed.
Blog Post
An Introduction to the OWASP IoT Top 10
Bishop Fox highlights the OWASP IoT top 10 security risks, including weak passwords, insufficient privacy protection, and insecure ecosystem interfaces.
Still have questions?
Chat with one of our security experts to learn how we can support your security needs.
