Assess Third-Party Products' Cybersecurity
CyberPass automates cybersecurity product assessments or certification enabling business acquiring third-party connected devices with confidence.
ENISA Report - Threat Landscape for Supply Chain Attacks
What is CyberPass ?
CyberPass platform provides enterprises with a unique solution to assess and manage the level of cybersecurity of connected ICT/IoT products provided by third-party suppliers.
Free your ICT/IOT products procurement processes from costly, slow, and cumbersome manual cybersecurity assessment. Whether you are acquiring one product or thousands, simply list the product info, select suppliers and our platform will do the rest.
Intuitive & User-Friendly
A very intuitive and easy-to-use solution based on a meta-framework covering the main compliance standards and cybersecurity regulations produced at EU and international level, such as EN 303645, IEC 62443 , ISO 15408, ...
Label & Certification
Provides manufacturers of connected products with a standardized cybersecurity assessment, a label and a certificate that they can share with different customers, as well as a detailed improvement plan to increase the level of maturity of their product
Speed & Efficiency
Combines speed through automation with the precision and efficiency of recognized and accredited laboratories (CAB, ITSEF, CB).providing objective cybersecurity assessment
Commitment & Trust
Directly engages suppliers of connected products around the world with effective assessments and validates the results with an accredited laboratory thus reassuring the entire market value chain
Protection and compliance
Simple & Scalable
Request a Product
Describe the connected product you're looking to procure
Select Suppliers
Select or add relevant product suppliers
Select Level & Standard
Select the applicable cybersecurity standard (ex. EN 303645) and security assurance level (ex. L0/Basic)
Launch Assessment
A notification is sent to the selected suppliers to initiate the requested assessment
Get Comparative Report
You'll receive comparative assessment results of all selected suppliers via an intuitive dashboard
Decide & Engage
Make up informative and accurate decision to engage or not with each supplier
Manage Continuously
You'll have a continuous visibility on the level of security of all your procured products including all their components (new vulnerabilities, changes to compliance or certificate status, etc.)
Receive or Initiate Request
You'll receive an RFP from a business client requesting to share your product cybersecurity assessment results, or You initiate a cybersecurity assessment by your own to get your trusted product listed on the platform
Run Self-Assessment or Third-Party Assessment
Depending on the standard and the level of security assurance requested or selected, You'll have to provide responses to a questionnaire including potentially relevant evidence (design docs, risk-assessment or self-tests results) or You'll be requested to select a recognized or accredited third-party laboratory to share the product and evidence with
Receive Results & Improvement plan
You'll get your assessment results promptly or within a limited deadline depending on the type of assessment and the level of security assurance. These are shown in an intuitive dashboard with an improvement plan to increase your product's security robustness level
Share With Your Customers
You could share the received certificate, label or results with your customers, engage with them and get your product listed on the platform
Manage Continuously
You'll be able to manage the level of security of all your assessed products, build on top of your evidence baseline, manage the certificate status (new vulnerabilities, changes to your products, changes of customers requirements or standards, upgrade level, etc.)
We've heard you
Solving your real problems...
The IoT lifecycle is constantly evolving
- Stricter Regulations
- Certification Continuity must be assured
- Complexity of Vulnerability Management
Each sector has its specific needs
- Cyber Risks vary
- Different levels of security by product type and operating environment
Connected products are often multi-component
- Different providers
- Several security assurance levels
- Various standards/schemes
Project Impacts
Digital | Economic | Societal | Environment | Sovereignty
Fostering cyber assessments in a quantifiable, transparent and recognized way
(via trusted & accredited labs)
Improving collective cybersecurity resilience
Reduce risk of cyberattacks on critical sectors
(eg health)
Pooling of French, European and International standards
Accelerating the adoption of connected technologies
Establishment of an ecosystem of trust
Reduce the dependence on non-trustable solutions
Securing risks with significant ecological repercussions ( the field of energy, for example...)
Strengthening the sharing of expertise between experts in security assessment and certification
This project was funded by the government as part of France 2030
Ce projet a été financé par le gouvernement dans le cadre de France 2030
© 2023 Red Alert Labs. All rights reserved.