SGS is the world’s leading inspection, verification, testing and certification company. SGS is recognized as the global benchmark for quality and integrity. With more than 89,000 employees, SGS operates a network of over 2,600 offices and laboratories around the world.
SGS concentrates its cybersecurity capabilities under a single umbrella: SGS Cybersecurity Services. Our technical expertise and capabilities, global footprint and market leadership in testing, inspection and certification across all industries put the company in a unique position to deliver best in class cybersecurity services.
With a focus on standardization, regulation and research SGS Cybersecurity Services can deliver programs according to customer needs, across all regions and in a consistent and timely manner. We provide training, assessment and certification across the entire technology stack of interconnected digital solutions.
atsec information security is an independent, privately owned company that focuses on providing laboratory and consulting services for information security. We address commercial and government sectors around the world. Our consultants are expert in a variety of technologies including operating systems, databases, and network devices. Our laboratories specialise in evaluating and testing commercial products, using international standards to help provide assurance to end-users about the products they buy and use. We focus on assisting organizations, large and small, achieve compliance with standards such as Common Criteria, FIPS 140-2, O-TTPS, PCI, ISO/IEC 27001 and FISMA and offer a variety of services that complement that goal.
The Common Criteria Users Forum (CCUF) was founded in 2012 and is a community based around those using the Common Criteria and ISO/IEC 15408 standards. The CCUF is an evolution of the CC Vendors’ forum (founded in 2004) and the CC Forum (founded in 2010). The Common Criteria Users’ Forum mission is to provide a voice and communications channel between the CC community and the CC organizational committees, CC evaluation schemes, and policy makers.
Understanding the level of product security available in each IT offering can be confusing. That is why having a global, independent, well-documented, and certifiable security baseline across products eases the product comparison and procurement decision-making process. Cisco relies on the external, well-known, and transparent nature of global certifications as a foundational baseline for its Trustworthy Systems Initiative.
Learn more at trust.cisco.com
Teron Labs is an independent security testing laboratory, based in Australia, but with a global reach. Our goal is to help organisations around the world to gain certifications in a timely and predictable manner. We understand that delays in the certification process can result in a loss of sales for your business, therefore, we are able to work with you closely throughout the product development and evaluation processes to make sure that your product is able to be certified without encountering any roadblocks. Unlike other laboratories, which are embedded within large multinational and general cyber security services organisations, the focus of Teron Labs is security testing of ICT products, specialising in FIPS 140-2 and Common Criteria. This focus, together with a simpler business structure and low overheads, provides Teron Labs with a competitive edge in delivering personalised consulting and testing solutions.
jtsec Beyond IT Security is a cybersecurity lab accredited in Common Criteria, as well an internationally recognized consulting firm.
We are active members in different associations and working groups such as the SCCG (Stakeholder Cybersecurity Certification Group) where we contribute by advising the European Commission on cybersecurity certification.
If there is one key aspect that distinguishes us from other Common Criteria laboratories is it the use of our tools. We have developed CCToolbox, a unique framework to smooth Common Criteria process, which includes two tools: CCGen for documentation generation and CCEval that automatizes some of the evaluation activities. With CCToolbox we save time and money to our clients in their Common Criteria certification.
Securelytics is a strong independent cyber security advisory firm and we have a proven track record in ensuring that we deliver a high quality ICT security advisory and testing services for commercial and government clients. Our client base includes some of the largest and most sophisticated technology companies in the world and also some of the most highly secure organizations in the world. Our team of project managers and evaluators sums up more than 50 years (and counting) of experience in the field of IT security development, testing and evaluation. We have been at every side of the story, and we know how to tell it.
Common Criteria Evaluation and Advisory Services
At Securelytics, we help our clients to realise the full value of that investment and to also ensure that there is minimal impact on the time and resources throughout the evaluation process. Critical to maximising value of any evaluation is the planning for reuse of evaluation results as a platform for future releases of the product. In this way, evaluations become both cost-effective and efficient and the full value of the initial investment can be realised. We have assembled a premier team of technical assurance experts with extensive experience in all aspects of the Common Criteria and assurance activities. Our Common Criteria evaluators have been involved in conducting, overseeing and supporting IT security evaluations at all levels of assurance. Members of our team have participated in all relevant roles in the evaluation lifecycle: developer, sponsor, certifier and evaluator, providing Securelytics with a broad range of skills and expertise to help our clients effectively navigate the evaluation process.
SAFECode is a global industry forum where business leaders and technical experts come together to exchange insights and ideas on creating, improving, and promoting scalable and effective software security programs. We believe that secure software development can only be achieved with an organizational commitment to the execution of a holistic assurance process, and that sharing information on that process and the practices it encompasses is the most effective way for software providers to help customers and other stakeholders manage software security risk.