Telecommunication and network products are mainly certified through the Common Criteria (CC). Brightsight offers CC evaluations based on a certified Protection Profile, cPP (collaborative Protection Profile) or dedicated Security Targets.
The most recognized and comprehensive IT security standard in the world that can be used to certify any IT system or device providing security functions. More than 25 countries are participating in the mutual recognition of CC certification. Some countries specifically require a CC certificate before it can be purchased. Often a security level of EAL2 or EAL3 is used for telecommunication products.
Brightsight has an approach for the Dutch and Norwegian schemes to support developers in creating dedicated documentation where making maximum re-use of existing documentation without losing quality.
Brightsight offers security evaluation based on the CC requirements under one of the five internationally recognised CC certification bodies (BSI, NSCIB, Sertit, IPA, TSE).
If an internationally recognized certificate is not required, Brightsight can also provide an evaluation based on CC methodology resulting in a Brightsight Certificate.
The approach is shown in the figure on a time axes. Brightsight is able to provide support at any stage of the development and has a successful track record in supporting getting customers through a certification process.