Do you need to state that your product complies with security requirements?
SGS Brightsight can help developers at every stage of their security development cycle, from pre-evaluation to final evaluation (leading to certification). Get your product tested in the development stage already to avoid any security issues in your final product, thereby minimising costs and delays in your product launch.
Security services
- Whether you are looking to prepare for a security evaluation or certification or are in the process of defining a design or product specification with security and privacy by design, we offer training courses adapted to your needs.
- To help you get security approval in time, prevent risks and avoid redesign costs late in your development process, SGS Brightsight offers pre-evaluations on both finished and unfinished products, documentation and sites. This way, you still have time to take action if we find anything crucial.
- SGS Brightsight offers two types of security evaluations:
- Security evaluations leading to a certification, where testing is based on scheme requirements
- Security evaluation services to test your product against cybersecurity standards and regulations
- Various certifications require a security evaluation of a development and/or production site of the product. The result can be re-used in multiple product evaluations. The goal of a site pre-audit is to explore the gap between the current security level of the site and the JIL Minimum Site Security Requirements and draw up a concrete proposal of the steps needed to get the site ready for a formal site audit evaluation.
Security testing
- Scope & documentationThe goal of a document review is to evaluate the completeness in terms of content, presentation and readability of CC evidence.
- Design and code reviewMake use of the expertise of some of the best experts in the areas of IP, software and hardware security for validating and evaluating your designs. The goal of a design review is to identify potential weaknesses in the security architecture of the IC/Smart Card at an early stage. Source code review by one specialised 3rd party helps to identify blind spots.
- Vulnerability assessmentHave a vulnerability analysis performed in order to identify potential pitfalls, allowing you to focus your energy and resources where it matters.
- Penetration testingStay up to date with the state of the art in security evaluation, using the ultimate techniques and tools.
