Security Innovation is a cybersecurity company that provides comprehensive consulting and services to protect software at every stage of its lifecycle. The company’s mission is to empower organizations to make informed cybersecurity decisions by offering objective advice and practical support. Security Innovation aims to safeguard all aspects of a client’s software, including web, cloud, IoT, mobile, and desktop technologies. This is achieved through a variety of services such as penetration testing, secure code reviews, and cloud configuration reviews.
The company has established a reputation for its expertise in software security, assisting organizations in building and deploying more secure software. It serves a range of clients, from Fortune 50 companies to small and medium-sized businesses. In July 2024, it was announced that Bureau Veritas was acquiring Security Innovation to enhance its cybersecurity capabilities, particularly in the North American market. This acquisition is intended to combine Security Innovation’s specialized software security knowledge with Bureau Veritas’s global presence in testing, inspection, and certification.
Offerings, Capabilities, and Integrations
Security Innovation provides comprehensive cybersecurity solutions focused on protecting technology across various platforms including Web, Cloud, AI, IoT, Mobile, and Desktop. The company’s services are designed to be integrated into the development and operational processes of its clients. Security Innovation’s offerings include penetration testing, secure code reviews, secure SDLC assessments, and cloud configuration reviews. A key aspect of its competitive edge is the delivery of precise and actionable security services that aim to eliminate false positives and streamline risk mitigation. This focus on precision is complemented by two decades of experience in software security, which allows its team to integrate with development, engineering, and operations teams to ensure robust security throughout the entire software lifecycle.
A notable development is that Security Innovation has spun out its training solutions division into a separate company called CMD+CTRL Security. This new entity will continue to offer the CMD+CTRL Base Camp solution portfolio. Following this, Bureau Veritas, a global leader in Testing, Inspection, and Certification (TIC), is set to acquire Security Innovation to create a new cybersecurity hub for its U.S. clients. This strategic move is expected to allow both Security Innovation and CMD+CTRL Security to pursue more focused growth strategies while maintaining a strong commercial agreement.
Products and Services
Security Innovation offers a range of products and services designed to identify and mitigate security vulnerabilities in software. Its services are categorized into software and cloud security assessments.
- Software Penetration Testing: This service covers various application types, including web, cloud, IoT, embedded firmware, mobile, and blockchain. The company has a reputation for identifying and risk-rating vulnerabilities for prioritized remediation.
- Secure SDLC Assessment: Security Innovation offers consulting services to identify security gaps in a company’s software development lifecycle (SDLC). This includes design and code reviews and third-party process certification assessments.
- Cloud & Infrastructure Assessments: These assessments specialize in attack simulations, cloud security configuration reviews, and topic-driven tabletop exercises to reduce strategic risk in complex IT environments.
- CMD+CTRL Platform: This is a key offering, now part of the spun-off CMD+CTRL Security company. It is a hands-on training platform with cyber ranges that use insecure software environments to hone security skills. The platform includes CMD+CTRL Labs, which provide hands-on scenarios to learn how to find and address vulnerabilities. The training is designed for various roles, including developers, testers, architects, and cybersecurity professionals. The platform features over 200 courses and a suite of cyber ranges.
- Application Security Training: With over 100 courses, this training helps developers learn coding best practices to reduce vulnerabilities. It includes pre-assessments to place learners in appropriate courses and classroom labs for applying skills.
- General Security Awareness Training: This service is aimed at educating all employees on common security threats and reinforcing best practices to protect sensitive data.
- HIPAA Compliance Training: This training helps organizations in the healthcare sector comply with HIPAA security rules and best practices through real-life scenarios.
Target Customers
Security Innovation’s target customers range from Fortune 50 to small and medium-sized businesses (SMBs) that have a reputation to protect. The company has worked with global technology vendors and enterprise IT organizations such as Microsoft, IBM, FedEx, and The Coca-Cola Company. Its solutions are geared towards organizations that need to secure their software across various platforms like cloud, mobile, and IoT.
The primary beneficiaries of Security Innovation’s products and services are organizations looking to reduce risk from software vulnerabilities. Customers gain value from the company’s deep expertise and its ability to provide quantifiable, ongoing value. For instance, a leading manufacturer of robot vacuums engaged Security Innovation to conduct a comprehensive security assessment of its product, including hardware, firmware, and mobile applications. The engagement resulted in strengthened communication protocols, improved local cryptographic implementation, and secure firmware updates. Similarly, a medical device manufacturer tasked the company with evaluating its software, hardware, and data management practices to ensure patient safety and regulatory compliance. The assessment led to enhanced data encryption, secured network access, and alignment with industry standards.
The training solutions, now under CMD+CTRL Security, are targeted at development teams, including application developers, security engineers, and QA engineers. These programs are designed to help them build secure software and reduce security risks through role-based skills development and realistic simulated environments. The training is beneficial for a wide range of industries, including technology, financial services, and retail.
Cloud Integrations and Marketplaces
Security Innovation does not have any cloud integrations or a cloud marketplace presence.
- Vice President: Mike Nicholls
- Managing Director US: Ed Adams
- Managing Director Europe: Erwin Jansen
- Strategic Director: Dirk Jan van den Heuvel
- Director North America: Floris Duvekot
- Director Enterprise: Frank van de Vinne
- Director Industrial Europe: Anna Prudnikova
Key Facts
- Headquarters Location: Wilmington, MA.
- Number of Employees: Approximately 186-252.
- Annual Revenue: Approximately $37.5 million to $55.3 million.
- Parent Company: Bureau Veritas.
- Subsidiary Companies: None.
- Publicly Listed: No.
Analyst Recognition
Gartner has recognized Security Innovation in the security awareness computer-based training category.
- Gartner: Security Innovation was named a Visionary in the Magic Quadrant for Security Awareness Computer-Based Training.
There is no publicly available information to indicate that Security Innovation is currently recognized by Forrester, IDC, or Everest Group in their respective major market evaluation reports.
