Welcome to the Acumen Security Blog

FIPS Lab Satisfaction Survey: Acumen Receives High Marks

Mark Minnoch at the FIPS Hacker published his Q3 Lab Satisfaction Survey last month and we are proud to note that we received high ratings across the board:


And this isn’t a one time anomaly. In the Q2 survey Acumen received the identical high ratings!!!

The FIPS Lab Survey is a first of its kind started by Mark couple of quarters ago. He sends out survey to companies that have finished FIPS certification in the quarter asking them five simple but insightful questions:

  1. How satisfied are you overall with your recent FIPS Lab experience?
  2. How satisfied are you with your FIPS Lab’s responsiveness?
  3. How satisfied are you with your FIPS Lab’s FIPS 140-2 expertise?
  4. How satisfied are you with your FIPS Lab’s expertise of your company’s technology?
  5. How satisfied are you with your FIPS Lab’s communication during your project?

As you can see the characteristics that he has modeled his questions around are the ones most product companies care about when selecting the certification lab to work with.

Receiving such high ratings on an independent industry survey does make the hard work we put into our execution well worth it. It also helps validate our methodology and customer focussed approach to certifications. Now the challenge is on us to maintain this high satisfaction for all our customers.

The survey has additional statistics such as distribution of certificates across levels, types etc and also included is a checklist for selecting labs. The Q3 survey results can be downloaded here. You can use the coupon code acumen to get a 35% discount.

Happy reading!

How to Build a Product Security Program with SDL and Certifications

Cert_batman_supermanChris Romeo and I conducted a webinar this week on how one can leverage SDL and government Certifications to create an effective product security program. It was heartening to see the interest we received and reinforced our belief that certifications can be more than just a check box. If strategized correctly, companies can raise the security posture and maturity of their products while creating a useful, long term  security program.

If this resonates with you, I strongly recommend listening to the recording by following this link.

But please don’t stop there. Do reach out and we would be happy to give our thoughts and ideas on how you can make certifications less painful, more effective and get the most out of the investments you are making.