Skip to searchSkip to main content
Brightsight

  • The leading cybersecurity laboratory for connected products

    Get your products ready and in compliance with the latest security regulations and requirements

    Explore our services

    The EU Cyber Resilience Act

    CRA is more than just a regulatory requirement – it is an opportunity to strengthen security, build trust and differentiate your products. 

    As of 11 December 2027, the CRA will become a mandatory certification. And from 11 September 2026, the first obligations will already apply, such as reporting vulnerabilities. Brightsight can assist in navigating the complexities of the CRA. 

    Prepare for the CRA with Brightsight

Featured news

First SESIP certificate

Brightsight CB issues its first SESIP certificate

Brightsight Certification Body (CB) is proud to announce the issuance of its inaugural SESIP certificate, marking a significant milestone in the company’s growth in security certifications.

Check out Brightsight CB
PCI–RED certification

Brightsight celebrates its first RED-PCI PTS certification

Brightsight completes its first payment terminal evaluation under the EU Radio Equipment Directive (RED) regulation, leading to RED certification by SGS Fimko.

Check out our RED services
EUCC ITSEF license

The first EUCC certification from the Netherlands secured by Brightsight

Brightsight customers can benefit from the efficient approach to the EUCC evaluations by re-using results from previous projects of the same product line. 

Download EUCC brochure
EUCC ITSEF license

Brightsight licensed as EUCC ITSEF by Dutch NCCA

All five licensed European laboratories of Brightsight are authorized to perform security evaluations of IT products as independent test labs under the EUCC. 

Check out our EUCC services

Our services

Simplify your certification journey. Choose Brightsight—your one-stop service.

Lab services
CB services
Professional advisory services

Why Brightsight?

Brightsight is an independent lab and a certification body.  For your convenience, we integrated the evaluation and certification services—all under one roof—to simplify your certification journey. 

Brightsight CB operates impartially and independently as both a Certification Body (CB) and an IT Security Evaluation Facility (ITSEF), ensuring that certification processes remain transparent and unbiased.

Why choose us?

  • Predicable evaluation and certification processes.
  • Fair and impartial decisions.
  • Responsive and transparent communication.
  • High-quality independent services driven by integrity. 

What makes Brightsight different? 

  • A certification partner who speaks your language.
  • All under one roof: independent lab and certification services, integrated for your convenience.
  • One team, one facility, one goal: seamless CB–ITSEF collaboration.
  • Short communication lines between CB and ITSEF.
  • Familiar faces: our experts understand your product and markets you aim to target.
  • Shared in-house knowledge: all Common Criteria schemes and working groups.
  • Efficient approach: re-using results from previous assessments of the same product line. 
  • We are all Brightsight and that makes all the difference.  

Addressing your security evaluation challenges

Smooth and efficient security evaluation journey

Smooth and efficient security evaluation journey

We don’t just tick boxes. We take you on a full journey to help you understand what the best options are for you.

We are accredited by 50 leading organizations and schemes. We own a lot of intellect on certification or approval that can help you in your journey.

Offering you complete one-stop-shop services. We offer pre-evaluation services as preparation for evaluation, are a cybersecurity lab to validate compliance and a certification body to certify your product.

You can count on our reliability and predictability and benefit from combined strengths of integration with SGS.

Customer-centric focus

Customer-centric focus

We balance the right level of security with time to market by offering a transparent planning.

You can count on a flexible evaluation approach, where possible.

Offering local presence for smooth and clear communication as well as compliance with local schemes.

Delivering high-quality evaluation technical report.

Reusing intelligence from past projects to speed up time-to-market.

Your success is our priority. 

Scheme recognition

As a laboratory recognised by more than 50 international schemes, Brightsight offers efficient security evaluations by reusing results or combining evaluations, where possible. 

Brightsight is the leading laboratory in Common Criteria security evaluations. We have 40 years of experience in Common Criteria, the most widely recognised and comprehensive IT security standard in the world that can be used to certify any IT system or device. We work with 10+ Common Criteria schemes worldwide.

Learn about regulation and our recognitions
Common Criteria
SESIP
EUCC
Common.SECC
RDI
eIDAS
CSA Singapore
BSI
CCN
GSMA
PSA Certified
ETSI
Cybersecurity Labelling Scheme by Cyber Security Agency of Singapore
SGS Cybersecurity Mark
CPSTIC
European Commission
ISO
NIST
EMVCo
PCI
Die Deutsche Kreditwirtschaft
Mastercard
American Express
Visa
Discover Network
Troy
MIFARE
DTSEC
National IT Evaluation Scheme by Cyber Security Agency of Singapore
FeliCa Networks
TSE
FIDO Alliance
Sertit
ELO
Australian Payments Network
eftpos
napas
Paynet - Payments Network Malaysia
pay.uk
JCB
Interac
Pure Payments
LINCE
California State Senate
ICAO
AAMI
Algemene Inlichtingen- en Veiligheidsdienst
EU-MDR
UNECE
FDA - U.S. Food and Drug Administration
China NMPA
DPA
IEC
ISA
Global Platform
Swiss Digital Initiative
OWASP

What customers and partners say about our security evaluation services

Datecs logo
"The project has been successful and matches our expectations. The communication with the project manager was perfect, we received weekly reports. The senior security evaluator has a high level of technical expertise. In overall the project execution was effective, based upon established best practices, processes, project updates and tools."

Stefan Mitov

Technical Support from Department of Innovative Technologies, Datecs Ltd.
Infineon logo
“The Brightsight Common Criteria Course helped me understanding certification requirements, especially for the NSCIB alternate approach. The training content is well structured and there is enough time provided for Q&A. The trainers provided me with in depth knowledge on the subject, and now I can help our development team to decide what is required and what is not. I would definitely recommend this training to my colleagues and business partners.”

Kalaiselvam Suruddaiyan

Product Security Certification Expert, Infineon Technologies
CEC Huada logo
"Brightsight and HED have already been working together for 10 years, as Brightsight's evaluation methodology seamlessly matches HED's product development phase. This is possible because of the deep understanding of Chinese business, culture, and language of Brightsight. Brightsight's service and time-to-certificate mentalities are critical to our business."

Chang Feng

CEO of CEC, Huada Electronics Design Co, Ltd.
Check Point Software Technologies LTD.

"My colleague told me that if we wanted to get this certification fast, there was only one company that could do it, and advised me to talk to Brightsight. He was right."

Gera Dorfman

VP, Check Point Software Technologies
MagicCube

"Brightsight’s team’s approach, knowledge, and attention to detail played a big part in making this a successful endeavor. This certification provides recognition and third-party technical validation, which will facilitate widespread adoption and deployment of our products globally.”

Sam Shawki

Co-founder and CEO, MagicCube
PAX Technology

"Thanks to our trusted partner Brightsight’s expertise and hard work in completing the highest standards of security evaluation in such a quick period.”

Alex Dong

VP, PAX Technology
Listen to Bright Insight Podcast