News
Corsec Collaborates with NIAP on Labgram #106
In September, Corsec uncovered a policy change that would affect a number of Common Criteria evaluations following this NIAP announcement: “Per published NIST notifications, all non-56B-compliant key transport schemes will be disallowed in the U.S. government …
DoD Changes UC APL name to DoDIN APL
The Department of Defense has changed the name of the list it uses for the procurement of IT products to be used over the DoD network infrastructures. Previously named the Unified Capabilities Approved Products List (UC APL), …
DHS Begins Work to Meet New EO
In May, President Trump issued a new Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, requiring all heads of executive agencies and departments to modernize and strengthen the cybersecurity utilized within …
Pentagon Releases New Security Policies
Last Friday’s DoD Industry Day on Network Penetration Reporting and Contracting for Cloud Services came with a big announcement from the Pentagon’s head of IT – DoD CIO John Zangardi. The Pentagon will begin to hold contractors …
DISA Network Modernization
The Defense Information Systems Agency (DISA) is evolving their infrastructure to combat concerns over connectivity and security, efficiency, and cost. DISA’s present issues relate to outside components connecting to its network because the infrastructure is outdated. …
President Doubles Down on Cybersecurity
On May 11th, President Donald Trump issued an Executive Order requiring all heads of executive agencies and departments to modernize and strengthen cybersecurity within Federal networks and critical infrastructure. The order acknowledged that the government’s …
Common Criteria NDcPP Version 2 Released
The newest version of the Common Criteria Network Device Collaborative Protection Profile (NDcPP) and Supporting Documents (SD) has been released. Key changes in version 2.0 include: support for distributed TOEs; updated X509 certificate authentication requirements …
CMVP Changes to FIPS 140-2
During the recent Cryptographic Module User Forum (CMUF) meeting, CMVP, which oversees FIPS 140-2 validations in the United States and Canada, announced updates and changes to policy for stagnant modules, the historical list, and documentation …
Updates to CMVP’s Sunsetting Policy
From the CMVP on their validation Sunsetting Policy: The CMVP is adopting a five year validation sunsetting policy, effective February 1, 2017. The CMVP will move all validation entries with most recent validation dates prior to February 1, …
New Guidance On FIPS 140-2 Listings
The Cryptographic Module Validation Program (CMVP), which was established by NIST to validate modules for the Federal Information Processing Standard (FIPS), has announced upcoming policy changes for the Modules In Process (MIP) list and Implementation Under Test …
Corsec Named Owler ‘HOT in 2016’ Winner
Owler (a Crowdsourced Competitive Intelligence Platform) recognizes the top trending companies in cities around the world. They filtered through more than 15 million companies and picked 4,500 award winners across 600 cities worldwide. Recipients were …
Corsec Cares Collects Food During Holiday Season
Every year Corsec Cares collects donations from team members and delivers them to a local organization to help ensure families in the district are able to enjoy and celebrate the Thanksgiving holiday season. For the second …
Corsec Cares Assists FIRST LEGO League
As part of Corsec Cares, Corsec’s CEO, Matthew Appler, teamed up with FIRST Lego League (FLL), a local organization to help students expand their engineering enthusiasm and find solutions to real-world issues. FLL is …
FIPS 140-2 Sunset Policy Update!
CMVP, the governing body that oversees U.S. FIPS 140-2 validations, has made drastic changes over the past year to policy governing product certification longevity. This week they went one step further and have now updated …
Obama Signs Executive Orders
President Obama created two new executive orders on Tuesday: The first, a Commission on Enhancing National Cybersecurity, dedicated to “enhance cybersecurity awareness and protections at all levels of Government, business, and society, to protect privacy, to ensure public safety …
High Severity OpenSSL Vulnerability
On January 28th, 2016, OpenSSL released a patch for a high-risk vulnerability. It was discovered and reported that prime files may not be “safe”. Where an application is using DH configured with parameters …
FIPS Compliance and OpenSSL
Product vendors often rely on OpenSSL to meet FIPS requirements. With the new CMVP requirements and regulations, vendors using certain versions of the OpenSSL cryptographic library to meet FIPS 140-2 requirements are in jeopardy of being out of …
Corsec Cares Collects Gifts for Toys For Tots
Corsec’s philanthropy group, Corsec Cares, recently donated and delivered a box of gifts to the local Fairfax Toys For Tots location. The U.S. Marine Corps Reserves’ Toys for Tots program has been collecting and delivering new unwrapped …
Corsec Cares Works with Food for Others During Thanksgiving Food Drive
Corsec Cares (Corsec’s team members dedicated to philanthropy efforts) recently collected and delivered food donations for a local organization in Fairfax County to help families in need during the Thanksgiving holiday. Corsec is pleased to have donated …