Below you'll find a list of all posts that have been categorized as “Common Criteria”
Lightship Security Director of Consulting, Lachlan Turner, was nominated by the Government of Canada to participate in the International Atomic Energy Agency (IAEA) Technical Meeting on Reducing Cyber Risks in the Supply Chain which was held at IAEA’s Headquarters in …
Or, maybe it is. In reality, the answer is that all automation is scripting but not all scripting is automation. Automation is really a maturation or evolution of scripting. Calculators script the mathematical principles defined by Thales, Pythagoras, Euclid and …
Update 2018-Oct-03: This post has been updated within new information from NDcPP v2.1. Recently, NIAP issued Technical Decision TD0321: Protection of NTP communications. It states that network time sources are critical pieces of information that must be protected. However, having …
Update 2018-Oct-03: This post has been updated within new information from NDcPP v2.1. NIAP has issued Technical Decision TD0321 against the Network Device Collaborative Protection Profile (NDcPPv2.0e) mandating the use of a trusted channel (IPsec, SSH, TLS, DTLS, HTTPS) for NTP (or …
Imagine having more than 60% of your Common Criteria evaluation completed in less than a week. With Lightship’s Certification Head Start offering, we can make it happen.
We are excited to announce that Lightship Security is a fully accredited Common Criteria laboratory. Prepare for warp-speed certifications! Contact us to find out how our experienced team uses Greenlight automation and Lightship’s industry first functional gap assessment methodology to transform your certification experience. …
Many vendors seeking to sell hardware or software to the U.S. Government, particularly to defense and intelligence agencies, will find that cyber security product certification is mandated by federal procurement requirements (CNSSP 11) for these environments. We know, because many …
In this post, we identify some common problem areas for vendors complying with the Network Device Collaborative Protection Profile (NDcPP). We’ll discuss how Lightship has adjusted to the new reality that every product going against the very prescriptive NDcPP will …
[Dec 13, 2017 update: The plot thickens… in early December researchers revived a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server – known as The Robot Attack. ROBOT only affects TLS cipher …
The Communications Security Establishment (CSE) of Canada recently accepted Lightship Security as a Candidate Common Criteria Lab – an important milestones in the approval process to become an accredited IT security test lab. Accreditation is performed by the Standards Council of Canada (SCC) …
