Corsec at RSA 2016
RSA is on the horizon and everyone is getting excited. Each year product vendors convene to discuss security and how we will protect our digital world. But, with so much going on, it becomes difficult …
Medical Devices & Security Guidelines
As cyber security risks continue to grow, a number of industries are starting to take steps to ensure secured protection of products. Health Care has always been an area of concern given the sensitive nature of …
Targeting the DoD? The Different Paths to Military Sales
With the military’s love of acronyms and the many and varied requirement definitions, understanding how to break into Department of Defense (DoD) sales can be a daunting proposition. How do these DoD and international requirements …
NSA Reorganization
In December of 2015, we heard about the NSA’s proposed reorganization (its biggest in 20 years) and a few of the potential impacts it could have on the agency and industry as a whole. One critical …
Obama Signs Executive Orders
President Obama created two new executive orders on Tuesday: The first, a Commission on Enhancing National Cybersecurity, dedicated to “enhance cybersecurity awareness and protections at all levels of Government, business, and society, to protect privacy, to ensure public safety …
Corsec Helps CyberArk Become First Comprehensive Privileged Account Security Solution To Be Listed On The U.S. DoDIN APL
Corsec congratulates CyberArk, for achieving listing on the DoDIN APL. CyberArk’s active participation in security certifications and listing on the DoDIN APL signifies the companies’ commitment to providing users with solid product security and CybeArk becomes the first …
Corsec Attending AFCEA WEST
Corsec will be in San Diego, CA for the annual AFCEA WEST conference. “The premier naval conference and exposition on the West Coast, WEST is now in its 26th year of bringing military and industry …
High Severity OpenSSL Vulnerability
On January 28th, 2016, OpenSSL released a patch to update a high risk vulnerability. It was discovered and reported that prime “files may not be “safe”. Where an application is using DH configured with parameters …
DTECH LABS and Corsec Complete DoDIN APL Listing in Record Breaking Time
We are pleased to congratulate our partner DTECH LABS (a subsidiary of Cubic) for a true partnership in product security compliance and security hardening. Corsec and DTECH together have broken the previous benchmarks in time …
CMVP Has Begun Archiving!
As previously mentioned, CMVP announced that all FIPS 140-2 validations that use Random Number Generators (RNG), as well as certifications that use both the NIST 800-90A DRBG and RNG will be required to re-validate, otherwise, they will …
EMC Adds Data Storage System To List of Common Criteria Evaluated Products
EMC continues to grow as a leader in the secured storage playing field. Corsec would like to congratulate our partner EMC on completing the Common Criteria EAL 2+ evaluation for their product, the SourceONE v7.2. With this …
Happy Data Privacy Day
On January 28th; the U.S., Canada, and 47 European countries take time to acknowledge the importance of privacy and data protection best practices. Although this day has its roots in protecting personal data, specifically with …
White House Updates
When the Whitehouse issued its new action plan to prevent security breaches and attacks similar to that of the OPM fiasco, part of the plan was to acknowledge a number of cybersecurity gaps; some of which will ultimately impact …
Cryptography, FIPS 140-2, and Lab Changes – What You Need to Know
Corsec brings highlights from recent events – offering insight into the future of Cryptographic Validations, Lab Reviews, and a potential new Inter-Agency Agreement. Cryptographic Validations, Quo Vadis? and apropos of FIPS 140-2 Cryptographic validations currently do …
FIPS Compliance and OpenSSL
Product vendors often rely on OpenSSL to meet FIPS requirements. However, with the new CMVP requirements and regulations, vendors using certain versions of the OpenSSL cryptographic library to meet FIPS 140-2 requirements are in jeopardy …
Corsec Guides McAfee through FIPS 140-2 Level 2 Validation
After a year of collaboration and commitment, Corsec would like to congratulate our partner, McAfee, for completing the Federal Information Processing Standards 140-2 (FIPS 140-2) Level 2 validation of the McAfee Web Gateway WG5000 and …
Sunsetting of FIPS 140-2 Products
Over 1,500 FIPS 140-2 validated products will be facing archival by CMVP by 2017. Recently, CMVP, the governing body which oversees FIPS 140-2 validations, laid out guidelines and new regulations for validations in two distinct areas: …
EMC’s ViPR Controller Completes Common Criteria with Corsec’s Guidance
Corsec is pleased to have worked with EMC to complete the Common Criteria validation for the ViPR Controller v2.1.0.3 HF2. With this validation, ViPR Controller will continue to be a trusted option for governments and industries who …
Corsec Guides HP Smart Array RAID Controllers Through Validation
After a year of collaboration and commitment, Corsec would like to congratulate our partner, HP, for completing the Federal Information Processing Standards 140-2 (FIPS 140-2) validation of their product, the Smart Array Gen9 RAID Controllers. …
Corsec Guides HPE to Successful Common Criteria Certification
Congratulations to HPE for successful completion of the Common Criteria evaluation for Cloud Service Automation v4.10; CSA has completed Common Criteria at an EAL 2+ level, and is a trusted option for governments and industries who …