OpenSSL-FIPS-Compliance

FIPS Compliance and OpenSSL

Product vendors often rely on OpenSSL to meet FIPS requirements. With the new CMVP requirements and regulations, vendors using certain versions of the OpenSSL cryptographic library to meet FIPS 140-2 requirements are in jeopardy of being out of …

Read more

RMF and the DoD's UC APL

RMF: Is It Replacing the DoDIN APL and other Security Certifications?

As companies tap into the growing addressable markets for Commercial and FED, they are confronted with a litany of standards, acronyms and security validations they must overcome in order to stay relevant. The list is daunting, and making sense of this has been our singular focus for the past 18 years. In that time, we…

FIPS 140, CSfC, Common Criteria, UC APL

Maximize ROI: Market Your Certification

Taking the time, effort and resources to achieve FIPS or Common Criteria certification or UC APL listing is a big deal. It’s not an insignificant investment, and when it’s finally completed, you want to see a significant return, right? The most obvious solution is just to sell more product. And while this may seem both simple and obvious, we all know…

FIPS 140, CSfC, Common Criteria, UC APL

A Look Back: 2013 for FIPS, Common Criteria and DoDIN APL

The end of the year is a great time to look back at important milestones and use what we’ve learned to plan for the upcoming year. This year, clearing the air where myths and misconceptions were concerned was a theme that we saw come up repeatedly at Corsec, and laying the groundwork for smooth process…

RMF and the DoD's UC APL

Planning Leads to Smooth Sailing in DoDIN APL Listing: Webinar Recap

Getting your product listed on the DoD UC APL can seem like a Herculean task. We’ve talked before about the ins and outs of the entire listing process, but anyone who has considered any type of IT security validation knows that making the process as efficient as possible is as key as paying attention to the details. Last week, Corsec Co-Founder…

FIPS 140, CSfC, Common Criteria, UC APL

But the Rules are Changing!

According to the ancient Greek philosopher Heraclitus, “There is nothing permanent except change.” As anyone following security certifications lately can tell you, there is a lot of truth in this statement. We have entered another …

Read more

blank

Budgeting for Certifications: Avoid Cost Creep

Budgeting for a Common Criteria Certification can be difficult, but it’s not impossible. Understanding how to create your certification budget, and taking the necessary steps to follow through with that budget, can reduce your costs and simplify the certification process. We are frequently asked, “How much does certification cost…

Watch A Webinar by Corsec

Highlights from Corsec’s DoDIN APL Webinar: A Glimpse Into What You Missed

Corsec recently presented a webinar called, DoD UC APL Solutions: Dealing with UCCO, STIGS, JITC, the TIC, Army, and DoD Requirements. Judging from the large number of views and inquiries on this, the Department of Defense’s Unified Capabilities Approved Products List (DoD UC APL) is a very hot topic for many vendors, and…

Watch A Webinar by Corsec

Webinar: Moving Through DoDIN APL Testing Efficiently

If you’ve heard of DoDIN APL, you probably have a list of questions. DoDIN APL (which stands for The Department of Defense Information Network Approved Products List) is a directory of IT security products that have completed both Information Assurance (IA) and Interoperability (IO) testing and certification. Attaining inclusion in the APL can be an avenue to new revenue opportunities, but like anything involving federal approval, it’s not an easy road.

Read more