Common Criteria

Version 2 of the NDcPP Is Here

NIAP has endorsed and listed the second version of the Network Device Collaborative Protection Profile (NDcPP) to be used for Common Criteria evaluations in the United States. The use of the Protection Profile is for those …

Read more

blank

Pentagon Releases New Security Policies

Last Friday’s DoD Industry Day on Network Penetration Reporting and Contracting for Cloud Services came with a big announcement from the Pentagon’s head of IT – DoD CIO John Zangardi. The Pentagon will begin to hold contractors …

Read more

Common Criteria

Common Criteria NDcPP Version 2 Released

The newest version of the Common Criteria Network Device Collaborative Protection Profile (NDcPP) and Supporting Documents (SD) has been released. Key changes in version 2.0 include: Support for distributed TOEs Updated X509 certificate authentication requirements …

Read more

Corsec-Common-Criteria

Common Criteria Version Update

Common Criteria, the internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products, has been updated to CC v3.1 Release 5. This new release …

Read more

U.S. Gov

Monthly Fed Roundup – March 2017

DISA’s March News DISA holds Systems Engineering, Technology, and Innovation Pre-Proposal Conference for insights on new Engineering Contract Vehicle Training offered for individuals trying to re-certify, re-accredit, or establish connectivity to the Defense Security Information Security Network …

Read more

blank

CMVP Changes to FIPS 140-2

During the recent Cryptographic Module User Forum (CMUF) meeting, CMVP, which oversees FIPS 140-2 validations in the United States and Canada, announced updates and changes to policy for stagnant modules, the historical list, and documentation …

Read more

U.S. Gov

Monthly Fed Roundup – January 2017

DISA’s January News DISA focuses on Innovation during the Armed Forces Communications and Electronics Association panel NIST’s January News NIST Draft Releases: Draft Special Publication 800-12, Revision 1, An Introduction to Information Security NIST Interagency Reports: …

Read more

blank

Updates to CMVP’s Sunsetting Policy

From the CMVP on their validation Sunsetting Policy: The CMVP is adopting a five year validation sunsetting policy, effective February 1, 2017. The CMVP will move all validation entries with most recent validation dates** prior to February 1, …

Read more

blank

New Guidance On FIPS 140-2 Listings

The Cryptographic Module Validation Program (CMVP), which was established by NIST to validate modules for the Federal Information Processions Standard (FIPS), has announced upcoming policy changes for the Modules In Process (MIP) list and Implementation Under Test …

Read more

U.S. Gov

Monthly Fed Roundup – December 2016

DISA’s December News No December Updates NIST’s December News NIST Draft Releases: Draft Special Publication 800-188, De-Identification of Government Datasets Special Publications: SP 800-179 Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST …

Read more

CMUF-Common-Criteria

CMUF Monthly Update: July

Here are the monthly updates for July from the CMUF Members Meeting. Changes to the In Process List: One of the most noteworthy updates is that the CMVP will be splitting the Modules in Process …

Read more

FIPS 140-3: When is it coming?

FIPS 140-3: When Can We Expect It?

Corsec is often asked when the next version of the Federal Information Processing Standard (FIPS 140-3), is expected to be released. It is an important question as product vendors are trying to adapt their certification strategies; …

Read more

blank

Two New Countries Join CCRA

The CCRA Management Committee Chair has announced that two more countries, Qatar and Singapore, will officially sign the Common Criteria Recognition Agreement (CCRA). The addition of of the two nations brings the total number of participants to …

Read more

U.S. Gov

Monthly FED Roundup – June 2016

DISA’s June News Lessons Learned from the First DOD Applications Migrated to the Commercial Cloud DISA Vice Director Jack Wilmer speaks on benefits of cloud solutions, including increased speed, agility, and cost savings Big Data …

Read more

CMUF-Common-Criteria

CMUF Monthly Update: June

The deadline is approaching for vendors that were moved to the Historical List because of their RNG use.  July 1 is the last day that a lab can submit a no-cost 3Sub to move a module …

Read more