Certifying a product under the Common Criteria methodology is not easy, there are several variables, mainly at the beginning of the project, which are key to the proper development of the evaluation.
One of the important decisions to be made is to verify whether the product adapts to the characteristics and requirements of an existing Protection Profile (PP) or not.
2020 will always be remembered for COVID19, a virus that has changed our daily lives and the way we have had to relate, missing the touch of human contact with co-workers, customers, family and friends.
At jtsec we wanted to turn these initials into words that would offer us motivation, personal and professional improvement in the face of a completely new and strange scenario that we have all had to face.
In the absence of a specific Protection Profile (PP) for Endpoint solutions, NIAP has recently developed two modules of the software application Protection Profile with the intention of facilitating the certification process for laboratories, consultants and developers themselves.
Cybersecurity is an area that is continually advancing at a rapid pace. Therefore, certifications must be modified to conform as closely as possible to reality and current events.
At jtsec we believe that collaborating in different working groups with different companies at a global level is the ideal way to contribute to the improvement and updating of the different cybersecurity certifications, mainly those that are more standardized worldwide.
The new cybersecurity standard for FIPS 140-3 cryptographic modules is just around the corner. The CMVP already accepts reports that are based on FIPS 140-3. So in the next 12 months (until September 2021), vendors can test their technology against FIPS 140-2 or FIPS 140-3.
