Why a UC APL Listing Means More Than Just DoD Revenue

IT security

What is the Unified Capabilities Approved Products List (UC APL) and why is it important to you? You’ve probably heard that it has to do with the Department of Defense — absolutely true and certainly very important. But there are other reasons that you should be concerned about getting your product onto the UC APL. The Department of Defense … [Read more...]

Common Criteria Certification: Opening Doors to Opportunity

Doors Opening to the Sky

Do you need to open the door to sell your IT security product to the U.S. government? That seems like it should be a process that is simple to work through, but think again. Any IT security product that will be used by the U.S. government for national security systems, either to handle classified and even some non-classified information, must have … [Read more...]

Maximize ROI: Market Your Certification

ROI

Taking the time, effort and resources to achieve FIPS or Common Criteria certification or UC APL listing is a big deal. It’s not an insignificant investment, and when it’s finally completed, you want to see a significant return, right? The most obvious solution is just to sell more product. And while this may seem both simple and obvious, we … [Read more...]

Entropy Testing for FIPS and Common Criteria: Tips for Meeting Requirements

Entropy Part 2

In the second post of our two-part series, we continue our discussion with panelists from Computer Sciences Corporation: Lachlan Turner, Jason Cunningham, and Maureen Barry. Continuing where we left off with last week’s post, we’ll dive deeper into entropy and answer some of the many questions now arising about new requirements, tools and … [Read more...]

Entropy Testing for FIPS and Common Criteria: What You Need to Know

Entropy Part 1

In the world of cryptography, data is only safe as long as the keys used to protect that data are kept secure.  While, on one hand, this means that keys must be protected against unauthorized access, it also means that keys must be created in a way that makes them difficult for an attacker to guess.  To produce cryptographically strong keys, … [Read more...]

A Look Back: 2013 for FIPS, Common Criteria and UC APL

2013

The end of the year is a great time to look back at important milestones and use what we’ve learned to plan for the upcoming year. This year, clearing the air where myths and misconceptions were concerned was a theme that we saw come up repeatedly at Corsec, and laying the groundwork for smooth process was another. Here are some highlights of … [Read more...]

FIPS: What’s Real and What Isn’t—Webinar Recap, Part 2

10MythsAboutFIPS2

As I mentioned in my previous post, because of the level of detail, time, and cost involved, there is a lot of confusion over what is really required to validate your product to FIPS. Last week, I went over myths one through five from our recent webinar, “Top 10 Myths About FIPS.” Here, I’ll discredit myths six through ten, as well as answer … [Read more...]