Our vision is to bring together the world's expertise to solve challenging security problems.
Innovation is exploding as the next wave of technological progress transforms our world into an increasingly smart and connected cyber-physical place, where billions of new devices and sensors will be made even smarter by intelligence in the cloud. All of us at Praetorian are excited to be working with customers and partners who see security as an enabler of next-wave innovation and a requisite for new technologies to meet their full market potential.
Praetorian provides end-to-end Internet of Things (IoT) product security evaluations and certifications that help organizations successfully balance risk with time-to-market pressures. Our engineers help you strengthen the security of your IoT products from chip to cloud. Our solutions provide coverage across technological domains, including embedded devices, firmware, wireless communication protocols, web and mobile applications, cloud services and APIs, and back-end network infrastructure.
Benefits of working with Praetorian:
To help product teams address emerging security challenges, Praetorian has created research-driven evaluation methodologies that incorporate guidance from the OWASP Application Security Verification Standard (ASVS), which normalizes the range in coverage and level of rigor applied to each IoT product/solution. With its 3 levels of testing rigor, 17 security control categories, and 211 defined test cases, this approach allows our team to meet your unique testing and budget goals by offering tiered pricing based on the comprehensiveness of the security review.
As an active contributor to OWASP ASVS, Praetorian was the first to introduce the embedded device controls category and test cases for Internet of Things security testing in version 3.1.
As part of a professional security evaluation, and depending on the level of rigor, Praetorian will employ a variety of techniques for uncovering unknown vulnerabilities.
IoT Security Testing and Verification Includes:
Praetorian follows the OWASP ASVS standards, which normalizes the range in coverage and level of rigor applied to each application.
Praetorian provides security certifications for IoT products by verifying that solutions meet requirements of OWASP ASVS, which is a list of application security requirements or tests that can be used by architects, developers, testers, security professionals, and even consumers to define what a secure application is.
Evaluation ratings compare information gathered during the course of a Praetorian assessment to the OWASP ASVS version 3.1 criteria for security standards. In total, OWASP ASVS contains 17 unique security control category requirements and over 200 publicly documented test cases.
In addition, Praetorian provides a letter grade representing an IoT product’s current, post-remediation security posture. Praetorian calculates grades based on the "Existing Vulnerability Measure" (EVM) formula. EVM is used to quantify the collective risk of findings identified during an assessment. The letter grade leverages EVM to benchmark risk posture against Praetorian's client-base.
"Praetorian's approach was very professional, to the point and comprised of in-depth analysis of the security vulnerabilities, which was greatly beneficial to us."
"Praetorian was very quick to respond with quotes, very thorough in their testing procedures, and very accommodating to our schedule limits and tight deadlines. Will be back in touch soon to talk about additional work."
"I was very happy with the team, everyone was professional, the items found were useful, and I've received positive feedback from others here in engineering."
"Praetorian always considers the broader set of enterprise services we have here at Qualcomm so reports and recommendations can be actionable."
