SoftSeq

BACKGROUND

Please describe your company and your position there.

I am the Product Manager in Petcube, a connected technology startup that designs and develops hardware and software products for pets.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire SoftSeq?

We were building the new generation of connected pet cameras that integrate with Amazon Alexa Built-in. The certification process required performing an independent third-party security audit which will be accepted by Amazon.

What were your goals for this project?

The primary goal was to check Petcube's new hardware products and software stack against the Amazon Alexa security requirements, identify any non-conformities, remove the vulnerabilities and prioritize further improvements.

SOLUTION

How did you select this vendor?

Petcube has already involved SoftSeq previously for a web application security audit of the backend components. We were pleased with the results, therefore, we confirmed with Amazon that SoftSeq can perform the required audit for Alexa Built-in.

Describe the project in detail.

SoftSeq team has prepared the audit plan based on the Amazon requirements, guidelines and OWASP ASVS/IOT standards, approved it with Amazon, performed the audit using the sample devices, and wrapped it up in the summary report. They also provided all the necessary clarifications asked for by Amazon Alexa security team and helped Petcube team to optimally plan the improvements.

What was the team composition?

Petcube engineering team has worked with two dedicated security engineers from SoftSeq.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The performed audit has cleared Petcube cameras Play 2 and Bites 2 for getting the Alexa Built-in certification. The confirmation can now be seen as a corresponding official label on the Amazon product pages.

How effective was the workflow between your team and theirs?

The workflow was smooth and we were quick to iterate on any questions.

What did you find most impressive about this company?

I was impressed by SoftSeq engineers' experience and the flexibility that they provided in terms of the scope, timeline, and priorities.

Are there any areas for improvement?

Everything went as expected, the minor things that took several iterations were the final report formalities that required tailoring to Amazon's formal expectations.