What makes for truly independent security product testing?

It seems there’s room for improvement when it comes to independent testing – but what are your thoughts on this?