Getting certification for your product and site

I need a certification for my other products

Under the Common Criteria (CC) schemes Brightsight can perform evaluations on many types of products. Brightsight has a unique position that it can perform evaluations under multiple internationally recognised CC Schemes. This gives flexibility for customers specific requirements. The services for CC evaluations range from early design support till the final certification.

Fields of expertise

  • Financial Industry
  • Military
  • Government
  • Space
  • Energy

Some of our customers

  • FOX IT
  • NXP

The process of getting a certificate

Common Criteria Evaluation

The most recognized and comprehensive IT security standard in the world that can be used to certify any IT system or device providing security functions. More than 25 countries are participating in the mutual recognition of Common Criteria certification. A Common Criteria certification is normally requested by a customer. Brightsight performs evaluations at all security levels under supervision of the CC Schemes in The Netherlands (NSCIB), Germany (BSI), Japan (IPA), Norway (SERTIT) and Turkey (TSE).

Training

  • CC training
  • CC evidence and documents training

Pre-evaluation

  • Design and/or code review
    Identify major weaknesses in the security architecture of the telecommunication product in an early stage.
  • Document review
    Verify the completeness in content, presentation and readability of CC evidence.
  • Site pre-audit
    Explore the possible gap between the current security level of a development or production site and the requirements in an evaluation.

The approach is shown in the figure on a time axes. Brightsight is able to support you at any stage of the development and has a proven concept and track record in supporting you getting the certifications.