The agency was born motivated by the fact that the existing systems so far do not offer a model to assess, in a homogeneous and transparent way, the level of security provided by a system or service:
- Certifications for ISO / IEC27001 standard assess the safety management system of information with an scope which defined by the supplier, but not evaluate the actual security measures.
- Audits evaluate compliance with certain requirements of security, which often do not match with the needs of service users (being poorly reusable).
Thus, since late 2010, the LEET Security agency compiles the controls which are defined in the international regulations, standards and best practices, classifies and groups them in different levels, and provides a "score" to the security that is implemented in each qualifying service, which is reflected in the LEET stamp.
The rating system managed by LEET Security becomes the first implementation of the recommendation by the Cybersecurity Strategy of the EU, to create security labeling systems for ICT services.
he ultimate goal is to provide trust to the customers / users of these services, offering full transparency to the security measures implemented by providers in the services that they offer.