AgileAssurance

Agile Assurance: Modernizing IT Product Certification

Lachlan TurnerCertifications

In an agile development model, software is developed in incremental, rapid cycles with the goal of continuous improvement, fast flaw remediation and improved customer experience. Agile models advocate adaptive planning, evolutionary development, early delivery, fast iterations, and rapid response to …

NDcPP_details

NDcPP – The devil is in the details

Lachlan TurnerCommon Criteria

In this post, we identify some common problem areas for vendors complying with the Network Device Collaborative Protection Profile (NDcPP). We’ll discuss how Lightship has adjusted to the new reality that every product going against the very prescriptive NDcPP will …

Goodbye TLS_RSA

Goodbye TLS_RSA

Lachlan TurnerCommon Criteria

[Dec 13, 2017 update: The plot thickens… in early December researchers revived a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server – known as The Robot Attack. ROBOT only affects TLS cipher …