Our previous article discussed how vulnerabilities are dealt with under the Common Criteria certification program in North America. All commercial product assurance programs deal with flaws and vulnerabilities in different ways, often with overlapping requirements, techniques and outcomes.
In this article, James Ramage of the Lightship Security FIPS team talks about how vulnerabilities are handled for FIPS 140-3 validations.
Read More