Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Artistic representation of Bishop Fox cybersecurity professionals conducting penetration testing and security assessment services using reference to the hacker culture.
WE'RE AN AUTHORIZED LAB PARTNER

ioXt Alliance Testing & Certification

Get tested and certified against the Standards for Global IoT Security.

Artistic representation of Bishop Fox offensive security approach including penetration testing and security assessment services using reference to robotic, AI, and automation with the robot looking skeleton hand.

The ioXt Alliance is a forward-thinking organization that is setting the global standard for the security of interconnected devices and applications. Comprised of hundreds of industry leaders, ioXt’s membership alliance has established eight clear principles that serve as the baseline for demonstrating product security to end-users, retailers, and ecosystem partners.

As an Authorized ioXt Lab, Bishop Fox is both a contributing member to the continued development of ioXt’s standards and a certified assessor of products. With deep knowledge of ioXt’s core principles and two decades of offensive security experience, Bishop Fox is uniquely positioned to streamline your path to certification.

 .d8888b.   d888
d88P  Y88b d8888
888    888   888
888    888   888
888    888   888
888    888   888
Y88b  d88P   888
 "Y8888P"  8888888

Demonstrate your commitment to IoT and product security.

ACHIEVE CERTIFICATION. DEMONSTRATE YOUR COMMITMENT TO PRODUCT SECURITY.

Our evaluation process is purpose-built to help organizations achieve accreditation and alleviate the burden of self-assessment procedures, resulting in:

  • A higher probability of certification
  • An accelerated timeframe to accreditation
  • Quicker remediation in the event standards are not met
  • Avoidance of time and fees associated with retesting

To learn more about how Bishop Fox can certify your product, simply complete the form on this page.

ioXt Authorized Lab logo.

Start Your ioXt Assessment:

 .d8888b.   .d8888b.
d88P  Y88b d88P  Y88b
888    888        888
888    888      .d88P
888    888  .od888P"
888    888 d88P"
Y88b  d88P 888"
 "Y8888P"  888888888

Why Bishop Fox

Gain peace of mind with testing conducted by an industry leader who adheres to the rigor and gold standard of IoT testing.

Proven Delivery

With two decades of experience and over 6,000 engagements delivered, Bishop Fox is recognized as the authority in offensive security. We’ve worked with hundreds of organizations to improve the security of their IoT devices and applications.

Ingenuity in IoT

We’re proud to be the innovators behind many popular offensive security tools and well-known IoT research that have helped strengthen the defenses of organizations around the globe. We put this innovation to work for our clients.

Deep Domain Expertise

Our assessment covers the full spectrum of ioXt’s core principles, and we bring years of experience in device security across many industries, including utilities, vehicles, telecom, smart home, medical, security systems, electronic locks, and much more.

 .d8888b.   .d8888b.
d88P  Y88b d88P  Y88b
888    888      .d88P
888    888      8888"
888    888      "Y8b.
888    888 888    888
Y88b  d88P Y88b  d88P
 "Y8888P"   "Y8888P"

FAQs

YOU HAVE QUESTIONS. WE HAVE ANSWERS

What is the ioXt Alliance?
This Alliance is the Global Standard for IoT Security. Founded by leading technology and product manufacturing firms, including Google, Amazon, T-Mobile, and Comcast, the ioXt Alliance is the only industry-led, global IoT product security and certification program in the world. 

Why did Bishop Fox become a certified lab?
Bishop Fox has vast experience in IoT application and device testing. As an ioXt Certified Lab, clients have even greater peace of mind knowing that they are working with an industry leader who adheres to the rigor and gold standard of IoT testing.

Why would an organization choose a Certified Lab over self-certification
Certified Labs are well versed in conducting thorough examinations based on years of experience and domain expertise. This expertise leads to a higher probability of achieving certification.

Does Bishop Fox produce the same reporting for ioXt testing as their own product security review?
No. The reporting is based on the results of the ioXt profile test cases. Customers will be notified via the ioXt member portal of pass or fail for each test case.

Why should a company get ioXt Certified?
ioXt certification instills confidence in buyers, end users, and partners and shows your commitment to security. Certification also mitigates liability by showing adherence to industry standards, and “shares the load” by keeping the manufacturers of certified apps and devices informed of regulatory requirements and emerging threats.

What does it mean to be an ioXt Certified Lab?
The mission of the ioXt Alliance is to build manufacturer, developer, and consumer confidence in the security of IoT products. Authorized Labs are invaluable for building this confidence. They are the exclusive test providers for the ioXt Alliance and contribute input on ioXt standards.

Does Bishop Fox follow the same methodology for ioXt testing as its own product security review?
No, it follows the approved ioXt profiles. These profiles outline a series of test cases that follow the eight ioXt principles to provide guidelines for quantifying the appropriate level of security needed for a specific product. See more details here.

What specific types of vulnerabilities and weaknesses are being assessed?
The ioXt certification process covers a foundational level of security checks. Requirement details can be found here.

 .d8888b.      d8888
d88P  Y88b    d8P888
888    888   d8P 888
888    888  d8P  888
888    888 d88   888
888    888 8888888888
Y88b  d88P       888
 "Y8888P"        888

Customer Story

When Sonos was bringing a new voice-enabled speaker to the market, they turned to Bishop Fox to ensure that new product features didn't put customers at risk.

t Sonos, the hardware is a key component to the overall security posture. So having a partner that is comfortable with hardware-based penetration tests was very important to us. I’ve worked with a number of different vendors, but when it came time to figure out who to use for Sonos, I ultimately knew Bishop Fox was the best fit for us.

— Jim Hong, Director of Product Management
White Sonos logo on ioXt certification page. Sonos Makes Secure Moves with Bishop Fox.

RELATED RESOURCES

Extend your knowledge with these IoT security related resources.

Blog Post

You're Doing IoT RNG

Resource card image v0e48a3e04aa3 resources sw labs review attack surface dark

Learn why hardware random number generators (RNG) used by billions of IoT devices to create encryption keys don't always generate random numbers.

Blog Post

You're (Still) Doing IoT RNG

Resource card image 1f333a87dfb5 blog heartbleeds wake password primer dark

In this blog, we follow up on the systemic problem of insecure use of random number generators (RNGs) in the Internet of Things (IoT) industry.

Datasheet

Product Security Review Datasheet

Resource card image 2f454d7fc1a5 blog technology museums to visit dark

Learn how to fortify your device security by leveraging a multi-point testing methodology that extends beyond known vulnerabilities to keep security issues from reaching production and avoiding real-world attacks.

Methodology

Product Security Review Methodology

Resource card image 0de0e3dfeba3 blog defcon 30 recap dark

Overview of Bishop Fox’s methodology for conducting product security reviews.

Blog Post

Product Security Review Methodology for Traeger Grill Hack

Resource card image v0e48a3e04aa3 resources sw labs review attack surface dark

Read for an in-depth analysis of the Traeger Grill hack, uncovering the vulnerabilities that could compromise your grill's security and how they were addressed.

Blog Post

An Introduction to the OWASP IoT Top 10

Resource card image 2f454d7fc1a5 blog technology museums to visit dark

Bishop Fox highlights the OWASP IoT top 10 security risks, including weak passwords, insufficient privacy protection, and insecure ecosystem interfaces.

Still have questions?

Chat with one of our security experts to learn how we can support your security needs.

Black on white artistic representation of a penetration testing engagement using a section of a robotic looking machine with an organic human feel.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.