How Heartbleed Affects Your Security Certifications

How Heartbleed Affects Your Security Certifications

Much has been in the news over the past couple of months about the security vulnerability known as Heartbleed. It is of vital interest to businesses and consumers, but especially so for businesses with products intended to provide security for their users. There are some specific and unique impacts to companies who are planning or are in the midst … [Read more...]

The Differences: Common Criteria Consultants Versus Labs

The Differences Common Criteria Consultants Versus Labs

When someone starts to learn about Common Criteria (CC) evaluations, figuring out the difference between a CC consultant and a CC lab can be tricky. In Part 1 of this blog post, we looked at some differences in the specific work that consultants and labs perform. Now, in Part 2, we will look at the similarities and practical differences between the … [Read more...]

Common Criteria Consultant or Lab: Which Do You Need?

Common Criteria Consultant or Lab: Which Do You Need?

Your federal sales team has declared they can’t effectively sell to either the US Government or other government markets without Common Criteria (CC), and, as a result, your company has made the decision to pursue a CC evaluation. Now, you just need to figure out how to achieve this evaluation.  When you first start to learn about CC evaluations … [Read more...]

Why a UC APL Listing Means More Than Just DoD Revenue

IT security

What is the Unified Capabilities Approved Products List (UC APL) and why is it important to you? You’ve probably heard that it has to do with the Department of Defense — absolutely true and certainly very important. But there are other reasons that you should be concerned about getting your product onto the UC APL. The Department of Defense … [Read more...]

Common Criteria Certification: Opening Doors to Opportunity

Doors Opening to the Sky

Do you need to open the door to sell your IT security product to the U.S. government? That seems like it should be a process that is simple to work through, but think again. Any IT security product that will be used by the U.S. government for national security systems, either to handle classified and even some non-classified information, must have … [Read more...]

Maximize ROI: Market Your Certification


Taking the time, effort and resources to achieve FIPS or Common Criteria certification or UC APL listing is a big deal. It’s not an insignificant investment, and when it’s finally completed, you want to see a significant return, right? The most obvious solution is just to sell more product. And while this may seem both simple and obvious, we … [Read more...]

Entropy Testing for FIPS and Common Criteria: Tips for Meeting Requirements

Entropy Part 2

In the second post of our two-part series, we continue our discussion with panelists from Computer Sciences Corporation: Lachlan Turner, Jason Cunningham, and Maureen Barry. Continuing where we left off with last week’s post, we’ll dive deeper into entropy and answer some of the many questions now arising about new requirements, tools and … [Read more...]