CPSTIC updates its product catalogue after the LINCE evaluation or JTSEC complementary STIC test

Blog

27
- April
2020
Posted by: José Ruiz
[Certification]
CPSTIC updates its product catalogue after the LINCE evaluation or JTSEC complementary STIC test

The Spanish National Cryptologic Center (CCN) includes in its CPSTIC Security Products Catalog five new products evaluated by jtsec. In collaboration, side by side, with five of our international clients, at jtsec we evaluate the cybersecurity of IT products detecting possible vulnerabilities with an exhaustive testing before the products go to market.

What does having a LINCE certification bring?

This certification is one of the ways in which these products are included in the Catalogue of ICT Security Products (CPSTIC), which regulates the acquisition of IT products in the Spanish administration. With the LINCE certification, the products will be recognized as suitable for systems that must comply with the National Security Scheme (ENS).

Products certified in the CPSTIC Safety Catalogue

Product Manufacturer Category
Intercept X Advanced with EDR 2.5.4 BETA/ 10.8.6/2.0.16 BETA. Sophos LTD. Operational Security
MIL2004-2xHSR-L3. 19.12 SoCe System-on-Chip engineering – Novatronic Sistemas Communications Protection
ESET Endpoint Security 7.2.2055.3 ESET SPOL S.R.O Operational Security
McAfee Data Loss Prevention (DLP) Endpoint with ePolicy Orchestrator 5.10 11.1 McAfee, LLCO Protection of Information and Media
Stormshield Network Security UTM/NG-Firewall Stormshield SAS Communications Protection

How to be included in the CPSTIC catalogue?

The entry in the CPSTIC catalogue can be obtained by carrying out a LINCE assessment or a Common Criteria assessment. In the case of the Common Criteria assessment, depending on the scope of the original assessment, additional STIC tests are required. It is important to remember that the certification must always be performed by an accredited laboratory. jtsec is the first laboratory recognized by the Spanish National Accreditation Entity (ENAC) in Spain in LINCE methodology..

How does jtsec evaluate a product according to LINCE criteria?

The LINCE certification is focused on vulnerability analysis and product penetration testing. jtsec experts perform an "ethical hacking" in a methodological and accredited way ensuring the maximum guarantees.

The results of the evaluation by jtsec are reflected in an Evaluation Technical Report (ETR). Afterwards, the CCN reviews the report and validates the work done by jtsec, successfully issuing the LINCE certificate.

jtsec offers an integral service to its clients to include their products in the catalogue giving support in the definition of the security declaration, the procedure of inclusion in the catalogue, the LINCE evaluation and the writing of the safe use procedure.

tags
José Ruiz/CTO

Jose is an expert consultant on the Common Criteria standard with more than 10 years of experience. Jose has a wide background in other security assurance standards in the field of the information technology as Common Criteria, FIPS 140-2, FIPS 140-3, GP TEE, PCI-PTS, LINCE. Jose has served as an evaluator, Technical Leader and CC Consultant for Epoche&Espri and as CC lab manager and Cyber Security Service Manager for Applus+. His experience has led him to participate as a speaker in various editions of the ICCC (International Common Criteria Conference) and ICMC (International Cryptographic Module Conference). He has been the “Chairman” of a subgroup within the ISCI WG1 Eurosmart Initiative to develop the CC Methodology. He is also member of different working groups as ISO SC27 or Global Platform TEE and an active member of the group ERNCIP “IACS Cybersecurity certification“.

In 2017 he founded with Javier what is now known as jtsec. He is currently in charge of promoting the commercial expansion of the company from its headquarters in Madrid as CTO. In addition, he represents jtsec in various national and international forums and is responsible for quality.


Contact

Send us your questions or suggestions!

By sending your data you allow us to use it to resolve your doubts by sending you commercial information of interest. We will delete it when they are no longer necessary for this matter. Know your rights in our Privacy Policy.
RECENT POSTS
jtsec achieves pioneering accreditation for MEMeC cryptologic evaluation
Jan 17, 2025
jtsec achieves pioneering accreditation for MEMeC cryptologic evaluation
jtsec & Applus+ Laboratories at ICCC24
Nov 14, 2024
jtsec & Applus+ Laboratories at ICCC24
How to use the CCN product catalog to improve your company's security
Oct 14, 2024
How to use the CCN product catalog to improve your company's security
Common Criteria Statistics 2023
June 17, 2024
Common Criteria Statistics 2023
How to enter ENS category high, stay in the catalog and add new versions of my product
April 23, 2024
How to enter ENS category high, stay in the catalog and add new versions of my product
jtsec - Our LINCE 2023
Febr 6, 2024
jtsec - Our LINCE 2023
We wish you a happy and cybersecure 2024
Dec 19, 2023
We wish you a happy and cybersecure 2024
How to Prepare Your Products and Services for the Quantum Era and Ensure Their Certification?
Dec 14, 2023
How to Prepare Your Products and Services for the Quantum Era and Ensure Their Certification?
How to include your product or service in ENS ALTA.
Oct 31, 2023
How to include your product or service in ENS ALTA.
Certifications and cybersecurity methodologies are generating interest among companies and organizations at both the national and international levels.
Sept 19, 2023
Certifications and cybersecurity methodologies are generating interest among companies and organizations at both the national and international levels.
CATEGORIES