Is your product market-ready?

Analyze your security maturity with ProSecCo

ProSecCo is a maturity model to evaluate the security and compliance of IoT products.

With ProSecCo, manufacturers can understand what they do well, highlight their gaps and identify possible improvements.

This version is free and contains a restricted number of answers and functionalities compared to our Premium version.

Try ProSecCo

Governance

Understanding and managing product cyber security at every stage of the product lifecycle.

Compliance

Standards and regulations

Policies and processes

Risk management

Cyber security risks

Vulnerability management

Supply chain

Supplier selection

Contract requirements

Incident management

Detection and response

Notification and reporting

Product Team

Roles & Responsibilities

Awareness & Training

Secure Development

Following security-by-design principles throughout the product development process.

Security-by-Design

Threat modelling

Data classification

Supply chain

Dependencies

Security assurance

Secure architecture

System architecture

Application security (including Cloud)

Secure coding

Data protection

Product Design

Implementing the pre-requisites to product security.

Core product (HW/SW)

Hardware

Unique device identity

Cryptography

Identity & Access Management

Identification

Authentication and access control

Security Assurance

Testing capabilities

Assurance methodology

Documentation

Internal documentation

User documentation

Post-market security

Default configuration

Support period

Secure update

Resilience to outage

Product Manufacturing

Securing the manufacturing supply chain until product release.

Secure manufacturing

Selection of manufacturing partners

Protection of secrets

Device provisioning

Root of trust programming

Identity provisioning

Security Capabilities

Using the product capabilities to support cyber security requirements after release.

Security by default

Default configuration

Software attack surface

External attack surface

Internal attack surface

Identity & Access Control

Passwords and authentication

Access management

Secure update

Secure update mechanism

Software integrity

Data security

User data management

Data processing

Secure communications

Data at rest

Product Lifecycle

Keeping the product secure at any time.

Vulnerability management

Vulnerability handling

Security updates

Incident management

Handling of unexpected events

Management of outages

Data protection

Data collection, processing and exchanges

Limitations related to personal data

End of life

Decommissioning

Prosecco Premium

More features!

With ProSecCo Premium, you improve your product maturity with:

  • Enhanced granularity to identify strong points and gaps
  • Maturity improvements and quick wins
  • Support of multiple products and brands
  • Creation of custom profiles
  • Maturity benchmark of real-world products
  • Possibility to save, edit and export results
  • And more...
Enhanced data visualization
ProSecCo Premium

ProSecCo Premium features additional details to quickly identify strong points, gaps and improvements.

Frequently Asked Questions

FAQ

ProSecCo stands for Product Security & Compliance. It is a maturity model for IoT products.

ProSecCo is closed-source. You can acquire a license by contacting us.

The profiles represent the expected level of maturity for a domain. They integrate requirements from standards, regulations and sector-specific practices.

The maturity score depends on the answers! The score is calculated using a proprietary algorithm that removes most biases. This is the result of several months of research.

ProSecCo premium is available to cetome customers. The price depends on the features needed such as a custom profile, internal mappings, etc. Please contact us to get more information.

Contact us

If you want to get more information on ProSecCo Premium or acquire a license.

We will only use your personal data for this purpose.

show maturity level
hide maturity level
Maturity level