Vulnerabilities and Common Criteria

Greg McLearn Common Criteria

No computing system is free from security vulnerabilities. Such flaws can manifest themselves within software, firmware and hardware implementations. Often the ease in widespread mitigation is based in part on whether a vendor can provide updates to software (relatively easy), …

whats-new-app-protection-profile

What’s New In App PP v1.4

Marina Ibrishimova Common Criteria

The Protection Profile for Application Software (APP PP) v1.4 has recently been published. Here are some key points from our initial review. PP-Modules. Vendors are now allowed to specify additional protection profiles (PPs) and PP-Modules in a PP-Configuration with APP …

What’s New in NDcPP v2.2?

Lachlan Turner Certifications, Common Criteria

The Network Device international Technical Community recently (in December 2019) published version 2.2 of the collaborative Protection Profile for Network Devices – aka – NDcPP. The NDcPP is the most often used Common Criteria Protection Profile to achieve listing on …

NIAP Requests for a Mitigation Plan

Lachlan Turner Certifications, Common Criteria

Vendors with products on NIAP’s Common Criteria Product Compliant List (PCL) may from time-to-time receive a request from NIAP for a mitigation plan addressing a given widespread vulnerability (e.g. Meltdown, Spectre etc.). This is in keeping with NIAP Policy 17 …