SGS Brightsight is the largest security evaluation lab in the world, with seven accredited labs worldwide: Delft, Barcelona, Madrid, Meyreuil, Graz, Beijing and Taipei.
SGS Brightsight supports companies in security evaluations for compliance, risk management and market positioning. Collaborating in diverse domains as eID, E-Payments, Space, Industrial, Telecommunication, Medical, Automotive and IoT, from IP design, to Silicon, Software and End-Devices. With over 35 years of experience in Cybersecurity, SGS Brightsight brings expertise in technology, security evaluations, policies and regulatory requirements. We evaluate IT products against requirements set by governmental and private schemes.
SGS Brightsight has over 50 accreditations worldwide, and has been a Common Criteria and EMVCo hardware lab since 2002. We are uniquely positioned with our accreditations by multiple governmental Common Criteria schemes: CSA (Singapore), TSE (Turkey), NSCIB (the Netherlands), CCN (Spain), BSI (Germany) and SERTIT (Norway).
atsec information security is an independent, privately owned company that focuses on providing laboratory and consulting services for information security. We address commercial and government sectors around the world. Our consultants are expert in a variety of technologies including operating systems, databases, and network devices. Our laboratories specialise in evaluating and testing commercial products, using international standards to help provide assurance to end-users about the products they buy and use. We focus on assisting organizations, large and small, achieve compliance with standards such as Common Criteria, FIPS 140-2, O-TTPS, PCI, ISO/IEC 27001 and FISMA and offer a variety of services that complement that goal.
The Common Criteria Users Forum (CCUF) was founded in 2012 and is a community based around those using the Common Criteria and ISO/IEC 15408 standards. The CCUF is an evolution of the CC Vendors’ forum (founded in 2004) and the CC Forum (founded in 2010). The Common Criteria Users’ Forum mission is to provide a voice and communications channel between the CC community and the CC organizational committees, CC evaluation schemes, and policy makers.
Trustworthy. Transparent. Accountable. Cisco is the worldwide leader in networking for the Internet and continues to be a global leader in pursuing and completing Common Criteria (CC) certification. Understanding the level of product security available in each IT offering can be complex and time-consuming. Having a global, independent, well-documented, and certifiable security baseline across products eases the product comparison and procurement decision-making process. Cisco relies on the external, well-known, and transparent nature of global certifications as a foundational baseline for its Trustworthy Systems Initiative, embedding security across processes and technology to provide a trustworthy network foundation.
Teron Labs is an independent security testing laboratory, based in Australia, but with a global reach. Our goal is to help organisations around the world to gain certifications in a timely and predictable manner. We understand that delays in the certification process can result in a loss of sales for your business, therefore, we are able to work with you closely throughout the product development and evaluation processes to make sure that your product is able to be certified without encountering any roadblocks. Unlike other laboratories, which are embedded within large multinational and general cyber security services organisations, the focus of Teron Labs is security testing of ICT products, specialising in FIPS 140-2 and Common Criteria. This focus, together with a simpler business structure and low overheads, provides Teron Labs with a competitive edge in delivering personalised consulting and testing solutions.
jtsec Beyond IT Security is a cybersecurity lab accredited in Common Criteria, as well an internationally recognized consulting firm.
We are active members in different associations and working groups such as the SCCG (Stakeholder Cybersecurity Certification Group) where we contribute by advising the European Commission on cybersecurity certification.
If there is one key aspect that distinguishes us from other Common Criteria laboratories is it the use of our tools. We have developed CCToolbox, a unique framework to smooth Common Criteria process, which includes two tools: CCGen for documentation generation and CCEval that automatizes some of the evaluation activities. With CCToolbox we save time and money to our clients in their Common Criteria certification.
The European Cyber Security Organisation (ECSO) is a non-for-profit organisation, established in 2016. ECSO unites more than 250 European cybersecurity stakeholders, including large companies, SMEs and startups, research centres, universities, end-users, operators, associations and national administrations. ECSO works with its Members and Partners to develop a competitive European cybersecurity ecosystem providing trusted cybersecurity solutions and advancing Europe’s cybersecurity posture and its technological independence.
More information: www.ecs-org.eu.
Securelytics is a strong independent cyber security advisory firm and we have a proven track record in ensuring that we deliver a high quality ICT security advisory and testing services for commercial and government clients. Our client base includes some of the largest and most sophisticated technology companies in the world and also some of the most highly secure organizations in the world. Our team of project managers and evaluators sums up more than 50 years (and counting) of experience in the field of IT security development, testing and evaluation. We have been at every side of the story, and we know how to tell it.
Common Criteria Evaluation and Advisory Services
At Securelytics, we help our clients to realise the full value of that investment and to also ensure that there is minimal impact on the time and resources throughout the evaluation process. Critical to maximising value of any evaluation is the planning for reuse of evaluation results as a platform for future releases of the product. In this way, evaluations become both cost-effective and efficient and the full value of the initial investment can be realised. We have assembled a premier team of technical assurance experts with extensive experience in all aspects of the Common Criteria and assurance activities. Our Common Criteria evaluators have been involved in conducting, overseeing and supporting IT security evaluations at all levels of assurance. Members of our team have participated in all relevant roles in the evaluation lifecycle: developer, sponsor, certifier and evaluator, providing Securelytics with a broad range of skills and expertise to help our clients effectively navigate the evaluation process.
SAFECode is a global industry forum where business leaders and technical experts come together to exchange insights and ideas on creating, improving, and promoting scalable and effective software security programs. We believe that secure software development can only be achieved with an organizational commitment to the execution of a holistic assurance process, and that sharing information on that process and the practices it encompasses is the most effective way for software providers to help customers and other stakeholders manage software security risk.
GlobalPlatform is a technical standards organization that enables the efficient launch and management of innovative, secure-by-design digital services and devices, which deliver end-to-end security, privacy, simplicity and convenience to users. It achieves this by providing standardized technologies and certifications that empower technology and service providers to develop, certify, deploy and manage digital services and devices in line with their business, security, regulatory and data protection needs.