Lab Requirements

Capabilities
Approved test labs are required to run through 50-100 checks on a device, depending on the device's functionality, including ad-hoc penetration testing. These checks are both logic test cases as well as administrative checks.

Certifications
Penetration testers must have a certification such as OSCP. We do not require ISO 17025 accreditation for labs, but the qualifications of the lab performing the test is reflected in the DeviceLookup™ cybersecurity risk assessment engine.