Agile Assurance: Modernizing IT Product Certification

Lachlan TurnerCertifications

In an agile development model, software is developed in incremental, rapid cycles with the goal of continuous improvement, fast flaw remediation and improved customer experience. Agile models advocate adaptive planning, evolutionary development, early delivery, fast iterations, and rapid response to …


NDcPP – The devil is in the details

Lachlan TurnerCommon Criteria

In this post, we identify some common problem areas for vendors complying with the Network Device Collaborative Protection Profile (NDcPP). We’ll discuss how Lightship has adjusted to the new reality that every product going against the very prescriptive NDcPP will …

Goodbye TLS_RSA

Goodbye TLS_RSA

Lachlan TurnerCommon Criteria

[Dec 13, 2017 update: The plot thickens… in early December researchers revived a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server – known as The Robot Attack. ROBOT only affects TLS cipher …


Lightship Security Common Criteria Test Lab

Lachlan TurnerCommon Criteria, Lightship News

The Communications Security Establishment (CSE) of Canada recently accepted Lightship Security as a Candidate Common Criteria Lab – an important milestones in the approval process to become an accredited IT security test lab. Accreditation is performed by the Standards Council of Canada (SCC) …