EAL2 certified under the Spanish scheme
The openNAC Enterprise advanced cybersecurity solution achieves the EAL2 assurance certification in its evaluation under the Common Criteria standard and is admitted in the CPSTIC catalog.
Hack the Box Jerry. OS: Windows. Difficulty: Easy. Points: 20. Our testers on their way to OSCP certification.
Problems and opportunities
The creation of a new standard of cybersecurity certification is always an exciting event as it involves exploring new technologies and establishing the basis on how an adequate design of the key aspects of cybersecurity should be for the typology of products under study. However, this is not usually exempt from problems or unknowns that are usually suffered by manufacturers who venture to spearhead and be at the forefront, not only from the technological point of view, but also from compliance.
What's new?
On May 1, 2019, the Federal Register announced that the Secretary of Commerce had approved Federal Information Processing Standards Publication 140-3 (FIPS 140-3) which supersedes FIPS 140-2 on March 22, 2019.
How to dispel the pitfalls?
FIPS 140-2 is a security standard developed by the governments of the USA and Canada to certificate IT products that implement cryptographic operations in order to protect sensitive or important information, and as you probably already know, we can help.