Exciting Milestone: First atsec Cybersecurity Certificates Issued for Common Criteria

于 2024-08-29 10:34:27 发布
阅读量555 收藏 18
点赞数 18
文章标签: Common Criteria Cyber Security 信息安全
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_54957825/article/details/141669385
版权

We are thrilled to announce that atsec’s Certification Body (CB) officially issued its first cybersecurity certificates for Common Criteria. This achievement represents atsec’s readiness for the upcoming European Cybersecurity Certification Scheme (EUCC), positioning our Certification Body at the forefront of cybersecurity compliance in the European Union.

The EUCC is an evolving certification framework aimed at strengthening cybersecurity across the EU, providing a consistent and recognized standard for IT products.

What is Common Criteria?

As an internationally recognized standard for evaluating the security of information technology products and systems, the Common Criteria provides a comprehensive framework to assess the security properties of a product and ensures that it meets security requirements. This certification is highly regarded in the cybersecurity industry and is often a prerequisite for products entering sensitive or regulated markets.

Achieving Common Criteria certification involves a thorough evaluation process, including:

1. Preparation: The product developer prepares the necessary documentation and evidence to support the security claims of the product.

2. Evaluation: Skilled evaluators conduct a detailed analysis, examining the product’s design, development processes, and performing testing of the product.

3. Certification: Once the evaluation is complete and the product meets all necessary criteria, the certification is awarded.

Looking Ahead: Preparing for EUCC

By starting with Common Criteria certifications according our own Common Criteria scheme, atsec is prepared to provide EUCC certification services when they become available in the EU. Our Information Technology Security Evaluation Facility (ITSEF) and CB approvals to perform EUCC evaluations and certifications are pending final approval.

“We congratulate the team behind the certified product for their hard work and dedication. This achievement sets a high benchmark for future certifications and reinforces atsec’s position in the cybersecurity certification market,” said Staffan Persson, Certification Manager of atsec CB.

Stay tuned for more updates as we continue to expand our evaluation and certification efforts.

For more information about our certification services, please visit the Common Criteria service page on our website.

atsec
关注
  • 18
    点赞
  • 18
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
博客
atsec出席2024 PCI社区会议
08-27 229
atsec将参加2024年11月20日和21日在越南河内举行的支付卡产业安全标准委员会(PCI SSC: Payment Card Industry Security Standards Council)亚太社区会议,并与往年一样设置展位。
博客
First Post Quantum Cryptographic Algorithm Certificates Issued
08-19 1028
NIST published the final version of FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) on August 13, 2024, making the first post-quantum cryptographic (PQC) algorithms official and wrapping up an eight-year effort to prepare us.
博客
atsec再次成为2024-2026年度的PCI GEAR成员
08-15 777
atsec自2018年PCI GEAR成立之初就加入了PCI GEAR。2024年,atsec是PCI GEAR的33个成员之一,致力于在全球范围内保护支付数据。作为战略合作伙伴,圆桌会议成员代表评估者社区为PCI安全标准委员会(SSC:Security Standards Council)的计划和项目带来了产业、地域性和技术性的见解。
博客
atsec增加Swift CSP评估资质
08-06 324
atsec信息安全评估员现已被Swift列为Swift客户安全计划(CSP:Customer Security Programme)认证评估员目录中的评估提供商,可以帮助全球金融机构评估其针对CSP强制性和咨询性控制的合规级别。在金融行业,Swift要求使用其消息平台的金融机构接受独立评估提供商的评估,以加强围绕其金融消息服务的安全生态系统。
博客
Guiding the Way through the World of Cyber Security
08-06 575
It is atsec’s firm belief that effective security assurance can only truly be accomplished when the product developers proactively incorporate security requirements they thoroughly understand.
博客
First SP800-140Br1 Compliant FIPS 140-3 Certificates
07-15 729
​On July 11th, 2024, the first three FIPS 140-3 certificates forNIST’s SP800-140Br1pilot program were posted on the NIST website. atsec information security was one of the labs that took part in the pilot program.
博客
Changes Coming to NIAP Entropy Assessment Reports in 2025
06-17 505
Recently, NIAP announced that Entropy Assessment Reports (EARs) must include a NIST Entropy Source Validation (ESV) certificate starting at the turn of the year on January 1st, 2025.
博客
支付卡产业最新发布PCI DSS v4.0.1
06-13 534
自2022年3月PCI DSS v4.0发布以来,受到全球支付产业高度关注,为了解决来自所有产业相关者的反馈和问题,PCI安全标准委员会(PCI SSC)发布了该标准的修订版PCI DSS v4.0.1。其中包括对格式和印刷错误的更正,也澄清了一些要求和指南的重点和意图。本修订版中没有附加或删除的要求内容。
博客
BSI NESAS CCS-GI Scheme Updates
06-11 879
We'd like to inform our customers and partners that the German Federal Office for Information Security (BSI) recently published new documents approving the use of additional Security Assurance Specifications (SCAS).
博客
EUCC and Cybersecurity Certification in Europe
04-24 588
​The European Union Agency for Cybersecurity (ENISA) hosted acybersecurity certification conferenceon April 18, 2024, in Brussels, Belgium. The conference very much focused on the implementation of the EUCC - European Cybersecurity Certification Scheme.
博客
atsec Adds FIDO Evaluation Qualification
04-11 510
atsec information security (branded as “atsec”) has been qualified by the FIDO Alliance as one of the FIDO Accredited Security Laboratories to evaluate the authenticator products.
博客
atsec AB first IEEE 2621 Accredited Medical Device Testing Facility
04-08 542
atsec AB Stockholm, Sweden is thrilled to announce: We are the first IEEE Authorized Testing Facility!
博客
BREAKING NEWS: c@tsec information security Unveils Revolutionary Quantum Computer
04-01 876
April 1, 2024 – Austin, TX: In a groundbreaking announcement today, c@tsec information security, a subsidiary of atsec information security, and the leader in quantum computing technology, proudly unveils its latest innovation: the Quantum PurrProcessor™.
博客
XDRGB - Random Bit Generator using any XOF
03-28 385
Resulting from a joint collaboration between John Kelsey (NIST), Stefan Lucks (Bauhaus-Universität Weimar, Germany) and Stephan Müller (atsec information security), a new deterministic random bit generator (DRBG) is published.
博客
PCI产业概述和产业发展动态分享
03-25 715
我们是从商户购买商品或服务的“支付卡的持卡人”,商户向收单机构发送支付交易数据,收单机构通过卡组织的支付网络向发卡机构发送支付业务数据。发卡机构是实际向持卡人发卡的机构,持卡人执行支付交易时,发卡机构都会向商户的收单银行提供交易授权或拒绝。收单机构和发卡机构需要交换支付信息来完成交易的过程称为“清算”(Clearing)。商户银行(收单机构)为持卡人的购买向商户付款以及持卡人的银行(发卡机构)向持卡人开具账单的过程称为“结算”(Settlement)。
博客
PCI DSS针对恶意脚本防范的新要求及其方案探讨
03-19 1656
2022年3月,支付卡行业安全标准委员会(PCI SSC)公布了PCI DSS v4.0版本。新的PCI DSS版本中引入了有关恶意脚本防范的新要求,特别是条款6.4.3和条款11.6.1。本文旨在探讨条款6.4.3和11.6.1的具体技术要求、对信息安全的影响以及如何实施其安全方案以满足这两项新要求。
博客
Happy Pi Day
03-14 425
To All our Math lover colleagues, Happy Pi Day.
博客
Crypto Module Bootcamp 2024
03-11 866
On Tuesday, February 27, 2024, atsec information security hosted a free day-long hybrid event on the Concordia University campus in Austin, TX.
博客
PCI PIN标准相关截止时间的解读以及近期重要信息分享
03-05 1919
众所周知,PIN(个人识别码)数据用于在终端发出的授权请求中对持卡人进行身份验证。PIN仅由十进制数字组成。PIN码也经常被大家俗称为信用卡的密码。因此,PIN码属于机密性最高的支付认证数据。PCI标委会针对PIN数据保护专门出台了用于保护PIN数据以及相关密钥数据的安全标准 “PCI PIN安全要求和测试程序。本文重点对PCI PIN标准提及的一些安全要求点的截止时间进行了解读,并介绍了近两年来产业内关于PCI PIN标准的一些重要信息。
博客
来自atsec的节日祝福!
12-21 466
全体atsec团队祝福我们的同事、客户、合作伙伴以及供应商圣诞快乐,新年快乐。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值