[March 12, 2019 Update] NDcPPv2.1 has been formally endorsed by NIAP. NDcPPv2.1 is hot off the presses from the Network iTC. It is yet to be officially accepted by NIAP for PCL usage however this is probably not too far off, …
SSH Rekey Limits with OpenSSH
Since this article was posted, the international Network Interpretations Team has issued RFI 201824 stating that the send and receive keys can be independently rekeyed. Therefore, the requirement that the ‘aggregate’ traffic be counted is no longer mandated according to …
6 Tips to Help Avoid Surprises In Your Next Common Criteria Evaluation
Undertaking a Common Criteria (CC) evaluation should not be an opaque process from a timing, process or cost perspective. In this post, the testing experts at Lightship provide 6 practical tips to ensure that you are getting the best value …
Lightship at IAEA Meeting on Cyber Risk in the Nuclear Supply Chain
Lightship Security Director of Consulting, Lachlan Turner, was nominated by the Government of Canada to participate in the International Atomic Energy Agency (IAEA) Technical Meeting on Reducing Cyber Risks in the Supply Chain which was held at IAEA’s Headquarters in …
Don’t Call it a Bash Script: Automation is Not Scripting
Or, maybe it is. In reality, the answer is that all automation is scripting but not all scripting is automation. Automation is really a maturation or evolution of scripting. Calculators script the mathematical principles defined by Thales, Pythagoras, Euclid and …
Secure Tunnelled NTP Proof of Concept
Update 2018-Oct-03: This post has been updated within new information from NDcPP v2.1. Recently, NIAP issued Technical Decision TD0321: Protection of NTP communications. It states that network time sources are critical pieces of information that must be protected. However, having …
NIAP TD0321: Protection of NTP communications
Update 2018-Oct-03: This post has been updated within new information from NDcPP v2.1. NIAP has issued Technical Decision TD0321 against the Network Device Collaborative Protection Profile (NDcPPv2.0e) mandating the use of a trusted channel (IPsec, SSH, TLS, DTLS, HTTPS) for NTP (or …
Certification Head Start
Imagine having more than 60% of your Common Criteria evaluation completed in less than a week. With Lightship’s Certification Head Start offering, we can make it happen.
Common Criteria Lab Accreditation
We are excited to announce that Lightship Security is a fully accredited Common Criteria laboratory. Prepare for warp-speed certifications! Contact us to find out how our experienced team uses Greenlight automation and Lightship’s industry first functional gap assessment methodology to transform your certification experience. …
How to get on the NSA/NIAP Product Compliant List (PCL)
Many vendors seeking to sell hardware or software to the U.S. Government, particularly to defense and intelligence agencies, will find that cyber security product certification is mandated by federal procurement requirements (CNSSP 11) for these environments. We know, because many …