I’m very proud to announce that the CoreTrace Bouncer application whitelisting solution is in the testing process to be certified to Common Criteria Evaluation Assurance Level (EAL) 3+. As we go through evaluation under the Canadian Common Criteria Evaluation and Certification Scheme (CCS), I’m completely confident that our platform will become the first application whitelisting solution to be certified to Common Criteria EAL 3+.
As a former Air Force Information Warfare Officer, I know the dangers today’s threat landscape poses to our critical infrastructure, government and military systems. The impact of more sophisticated, targeted attacks like the Stuxnet worm are intended to create damage well beyond financial losses; they pose a significant threat to public safety and our national security. As I continue to come across stories like, “Protecting Utilities from Imminent Threats,” and “Researcher blasts Siemens for downplaying SCADA threat,” I’m constantly reminded of the need for rigorous, independently validated solutions like Bouncer.
The Common Criteria certifications reflect extensive evaluations of the security features and capabilities of information technology and networking products in clearly specific, real-world operating environments. Considered a prerequisite in many government procurements in the U.S. and abroad, the certification process provides independent verification of the developer’s security test results, and evaluates the developer’s checks for vulnerabilities, the development environmental controls and the product’s configuration management.
Going through a more rigorous EAL 3+ testing, which is more extensive and methodical than EAL 2 certifications, provides an additional level of confidence and assurance that our customers need and deserve for protecting their critical systems and networks.
Our commitment to delivering solutions that meet or exceed the national security criteria set by the National Information Assurance Partnership (NIAP) is why we are pursuing Common Criteria Level 3+ Evaluation. Achieving EAL 3+ status will be yet another way we are proving the security worthiness of application control and whitelisting to protect critical systems and networks from more dangerous cyber attacks.
by Toney Jennings
No comments:
Post a Comment