Cyber-Defense

Pentagon Increases Spending On Cyber Defense

Defense Secretary Ashton Carter announced that the Pentagon would be spending an additional $900 million in 2017 to enhance cyber defense measures. This comes after last years hack of the Office of Personnel Management (OPM), resulting …

Read more

niap

NIAP archives Products with Outdated RNG

NIAP, the governing body over Common Criteria in the U.S., announced last week that it would be removing products from their Product Compliant List (PCL) that do not meet new Random Number Generator (RNG) requirements.  This …

Read more

NIST

SCAP: New Revision Available

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) has released the fourth revision of their Internal Report covering SCAP Version 1.2 Validation Program Test Requirements. SCAP or the “Security Content Automation Protocol” is …

Read more

DoDIN APL

Cisco Completes DoDIN APL Listing with Corsec

Corsec would like to congratulate our partner, Cisco, on successfully completing all the necessary requirements to achieve listing on the DoD’s Information Network Approved Product List (DoDIN APL).  Cisco’s Information Assurance Tool (IAT), StealthWatch Rel. …

Read more

FIPS 140, CSfC, Common Criteria, UC APL

NIST’s Draft PUB on Entropy and RNG

Last month NIST released a draft publication on sources of Entropy and randomness in protecting sensitive data. The draft “Special Publication 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation”, is intended to help product vendors …

Read more

RSA-2016

Corsec at RSA 2016

RSA is on the horizon and everyone is getting excited.  Each year product vendors convene to discuss security and how we will protect our digital world.  But, with so much going on, it becomes difficult …

Read more

blank

Medical Devices & Security Guidelines

As cyber security risks continue to grow, a number of industries are starting to take steps to ensure secured protection of products. Health Care has always been an area of concern given the sensitive nature of …

Read more

CC-Certification-Common-Criteria-Certification

NSA Reorganization

In December of 2015, we heard about the NSA’s proposed reorganization (its biggest in 20 years) and a few of the potential impacts it could have on the agency and industry as a whole.  One critical …

Read more

Whitehouse

Obama Signs Executive Orders

President Obama created two new executive orders on Tuesday: The first, a Commission on Enhancing National Cybersecurity, dedicated to “enhance cybersecurity awareness and protections at all levels of Government, business, and society, to protect privacy, to ensure public safety …

Read more

AFCEA-West

Corsec Attending AFCEA WEST

Corsec will be in San Diego, CA for the annual AFCEA WEST conference.  “The premier naval conference and exposition on the West Coast, WEST is now in its 26th year of bringing military and industry …

Read more

Crypt-Library

High Severity OpenSSL Vulnerability

On January 28th, 2016, OpenSSL released a patch to update a high risk vulnerability.  It was discovered and reported that prime “files may not be “safe”.  Where an application is using DH configured with parameters …

Read more