Jericho Forum Offers Free Security Product Assessment Tool

‘Nasty questions’ to ask your security vendors

International cloud security group Jericho Forum has created a free self-assessment tool for security vendors and buyers to determine the security of their products — namely in cloud-based environments.

The Jericho Forum’s Self-Assessment Scheme is for security vendors that want to check whether their products are cloud-ready, and for prospective buyers who want to vet those products. The tool is based on the forum’s 11 commandments for security, which are basically a checklist that can be used in RFPs. It asks direct questions intended to expose security flaws or potential loopholes in products, and includes a scoring process.

Vendors will be able to add a Jericho Forum "Self-Assessed" logo on their Websites, according to the Forum.

Bob West, founder and CEO of EchelonOne and a Jericho Forum board member, says he envisions the tool as an overall scorecard. "I see this as being part of a requirements document or checklist," West says. "It’s looking at a particular technology and incorporating it into a broader context." […]

The tool can be downloaded here (PDF).

http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=223900239

Leave a Reply