The product remains in the List of Certified Products for 5 years, as long as there is no vulnerability that affects the certified version and therefore entails the revocation of the certificate. Once this time has elapsed since the certificate was issued, the product goes to the Archived Certified Products List, unless the validation time is extended using the appropriate procedures for this purpose. There is a procedure called Assurance Continuity developed to allow manufacturers to keep their product certified to the latest version.
After a detailed accreditation process by ENAC and CCN that took several months of effort and preparation, last August 19th, we officially obtained the accreditation as a Common Criteria laboratory. A great honor and commitment that makes us give the best of ourselves in this new chapter in the history of jtsec.
CMVP is committed to the creation of tools to automatize the processes and procedures related to the evaluation and testing of cryptographic modules FIPS 140-2 and FIPS 140-3 to address the problem of long delays. At jtsec we welcome this type of initiatives, as the promotion of automatization in the processes used in cybersecurity certifications has been part of our nature since the beginning.
Since 2018, when the Catalogue of Information and Communication Technology Security Products (CPSTIC for its acronym in Spanish) was created and, taking into account the great evolution since the beginning, there have been many doubts that different manufacturers, consultants or laboratories have asked us.
Therefore, we have compiled the most common FAQs related to the CPSTIC catalogue that can serve as a guide or resolve doubts related to the CSPTIC catalogue.
Last week took place the III Encuentro ENS, organized by the CCN (the National Spanish Certification Body), one of the most important cybersecurity meetings in Spain. We could not miss the opportunity to be actively present as speakers. So we offered a talk to show how cybersecurity certification and the CPSTIC catalog can be used in an innovative way. In this edition, we decided to collaborate as VIP sponsors, thus supporting events that offer visibility to the work done by CCN, both with the adoption of the ENS and the CPSTIC catalogue.
