If you’ve ever spent any amount of time delving into the world of Common Criteria (CC), you’ve no doubt come across the veritable Roman/biblical hierarchy of relationships between the various components. At times, it would make even Cersei Lannister blush. …
Preparing for FIPS Validation Part 2 – Boundaries and Libraries
In part 2 of our multi-part Lightship Security video tutorial series geared toward vendors who are new to FIPS 140-2, we discuss the concept of cryptographic boundaries, cryptographic libraries and the design aspects required for FIPS 140-2 compliance. The previously …
NDcPP v2.1 endorsed by NIAP but which TDs apply?
[March 14, 2019 update] The NIAP list of TDs is now up to date with NDcPP v2.1 attribution. NIAP announced their endorsement today of version 2.1 of the Network Device collaborative Protection Profile. We’ve previously described the changes in NDcPP v2.1. …
NDcPP – Are You A Good Network Citizen?
Vendors undertaking a Common Criteria project for the first time are often surprised by the scope and focus of the testing for a Network Devices collaborative Protection Profile (NDcPP) CC evaluation. Lightship’s Technical Director, Greg McLearn, often refers to the …
What’s changed since NDcPP v1.0?
[March 12, 2019 Update] NDcPPv2.1 has been formally endorsed by NIAP. There are 41 products listed on the NIAP PCL that are compliant with the collaborative Protection Profile for Network Devices (NDcPP) v1.0. These PCL listings will all expire within the next …
The Mother of All NIAP Protection Profiles – NDcPP
We took a strategic decision early on at Lightship Security to focus our initial Greenlight development efforts on automating the tests specified by the Network Device collaborative Protection Profile (NDcPP). There are two main reasons for this: It is the …
Notable NDcPPv2.1 Changes (from v2.0e)
[March 12, 2019 Update] NDcPPv2.1 has been formally endorsed by NIAP. NDcPPv2.1 is hot off the presses from the Network iTC. It is yet to be officially accepted by NIAP for PCL usage; however, this is probably not too far off, …
6 Tips to Help Avoid Surprises In Your Next Common Criteria Evaluation
Undertaking a Common Criteria (CC) evaluation should not be an opaque process from a timing, process or cost perspective. In this post, the testing experts at Lightship provide 6 practical tips to ensure that you are getting the best value …
Don’t Call it a Bash Script: Automation is Not Scripting
Or, maybe it is. In reality, the answer is that all automation is scripting but not all scripting is automation. Automation is really a maturation or evolution of scripting. Calculators script the mathematical principles defined by Thales, Pythagoras, Euclid and …
NIAP TD0321: Protection of NTP communications
Update 2018-Oct-03: This post has been updated with new information from NDcPP v2.1. NIAP has issued Technical Decision TD0321 against the Network Device Collaborative Protection Profile (NDcPPv2.0e) mandating the use of a trusted channel (IPsec, SSH, TLS, DTLS, HTTPS) for NTP (or …