UC APL Archives - Corsec Security, Inc.®

Fed Roundup: March 2022

Jake Nelson — Thu, 31 Mar 2022 15:12:50 +0000

Announcements:

DISA’s Cybersecurity & Analytics Directorate will provide cybersecurity awareness refresher training courses over the next few weeks
DISA improves Enterprise Email Security Gateway

Updates & Announcements:

None

Special Publications:

SP 800-204C, “Implementation of DevSecOps for a Microservices-based Application with Service Mesh”
SP 800-172A, “Assessment Procedures for Enhanced Security Requirements”
SP 1800-10 “Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector”
Revision of SP 800-38A

Updates & Announcements:

None

Protection Profile Posting:

Virtual Private Network (VPN) Client, Version 2.4 and VPN Gateways, Version 1.2

###

Connect With Us:

Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – Subscribe

Press Contact:

Jake Nelson
Dir of Marketing
Jnelson@corsec.com

FED Roundup: July 2021

Jake Nelson — Sun, 01 Aug 2021 22:01:15 +0000

DISA News

DISA is scheduled to sunset the Defense Collaboration Services for non-classified Internet Protocol Router Network on September 1, 2021

Announcements:

Special Publications & Updates:

Updates:

None

Protection Profile Posting:

NIAP is calling for Technical Community (TC) participants to review the VPN Client and VPN Gateway (GW) Protection Profile (PP) Modules

###

Connect With Us:

Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – Subscribe

Press Contact:

Jake Nelson
Dir of Marketing
Jnelson@corsec.com

FED ROUNDUP: JULY 2019

Jake Nelson — Wed, 31 Jul 2019 18:07:31 +0000

Announcements:

None

Releases & Special Publications:

Updates:

None

Protection Profile Posting:

Peripheral Sharing Device (PSD) Protection Profile (PP), Version 4.0 and its five associated PP-Modules:
1.) PP-Module for Audio Input Devices, Version 1.0
2.) PP-Module for Analog Audio Output Devices, Version 1.0
3.) PP-Module for Keyboard/Mouse Devices, Version 1.0
4.) PP-Module for User Authentication Devices, Version 1.0
5.) PP-Module for Video/Display Devices, Version 1.0

Connect With Us:

Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – Subscribe

###

Press Contact:

Jake Nelson
Corsec Director of Marketing
jnelson@corsec.com

FED ROUNDUP: JUNE 2019

Jake Nelson — Fri, 28 Jun 2019 13:11:36 +0000

DISA’s June News

DITCO, DISA’s contracting arm, reduces its enterprise acquisition services fee

Announcements:

NIST announces Open Security Controls Assessment Language (OSCAL), Version 1.0.0 – Milestone 1 has been released

Releases & Special Publications:

Updates:

None

Protection Profile Posting:

None

Connect With Us:

Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – Subscribe

###

Press Contact:

Jake Nelson
Corsec Director of Marketing
jnelson@corsec.com

Security Certification Maintenance

Jake Nelson — Wed, 07 Dec 2016 20:16:07 +0000

As you release new versions of previously certified and validated products, it is crucial that you develop a security certification maintenance plan to keep up with the evolution of your technology. Corsec’s Maintenance and Compliance Service helps you determine whether a full re-evaluation is necessary, or if you can pursue other measures to continue generating revenue from your initial certification or validation.

Security Certification Maintenance:

Each security certification has its own unique requirements for maintenance and renewal. Corsec’s engineering team helps you understand the specific actions you will need to take for each of their products and certifications.

FIPS 140-2
The FIPS 140-2 validation process lists five change scenarios that are used to determine if a product requires revalidation, or if documentation alone can address the changes at issue. Corsec will help determine which scenario mostly closely aligns to the latest version of your product.

Common Criteria
Common Criteria determines re-evaluation through a process called Assurance Continuity (AC). If major changes have occurred in the security environment, evidence needs to be submitted to a laboratory and the product needs to be re-evaluated. If minor changes have occurred, a vendor can perform “Assurance Maintenance,” a report that is attached as an addendum to the original product certification, as long as it is within two years of the initial issuance date.

DoDIN APL
In order to maintain a listing on the DoDIN APL, you must complete a Desktop Review (DR) for each major product version. In such a review, a high-level assessment determines whether the product listing will simply be updated with the new version identifier, whether minimal testing must be performed on the new version prior to receiving an updated listing, or whether the product must undergo a new evaluation in its entirety.

Keep Products Market-Ready

Corsec helps ensure that our partners continue to benefit from the efforts they put in initially to get their products certified or validated. If you have questions on the requirements around your products’ recertification or revalidation, we can help determine the best path forward with little to no disruption of your revenue stream.