Brightsight can help developers at every stage of their security development cycle, from pre-evaluation to final evaluation (leading to certification). Get your product tested in the development stage already to avoid any security issues in your final product, thereby minimising costs and delays in your product launch.
Brightsight's pre-evaluation services will identify potential attention points and prevent risks for both finished and unfinished products, documentation and sites. You can gain an in-depth understanding and avoid late development redesign costs or possible delays ahead of your formal evaluation.
Can my product pass a security evaluation?
This is an important question when you need an approval within a specific time frame or when you want to prevent risks or avoidable redesign costs late in your development process.
Brightsight checks how the security of a product works and offers gives feedback on this. In our experience, discussing this feedback with the developers in an interactive session is extremely beneficial.
We offer
We can also perform specific tests based on the requirements for the certificate you are aiming for.
Brightsight offers two types of security evaluations
Evaluations leading to a certification, where testing is based on scheme requirements
Evaluation services to test your product against cybersecurity standards and regulations
Assessment of security requirements against industry standards and schemes, with the ultimate goal to obtain certification from these specific schemes. A security assessment will result in a report that is sent to the schemes for approval. In order to pass all security checks, a smart consideration would be to have already undergone pre-evaluation.
Examples
Security testing includes
Scope and documentation
Vulnerability assessment
The goal of a document review is to evaluate the completeness in terms of content, presentation and readability of CC evidence.
Have a vulnerability analysis performed in order to identify potential pitfalls, allowing you to focus your energy and resources where it matters.
Penetration testing
Design and code review
Site security evaluations
Site security evaluations are critical assessments conducted to determine the effectiveness of security measures in protecting physical locations and sensitive data. These evaluations encompass a wide range of factors, from access control and surveillance systems to emergency response procedures and employee training. For organizations handling sensitive information or operating in high-risk environments, a thorough site security evaluation is not just a best practice, but a necessity.
The duration of a site security evaluation varies depending on the size and complexity of the site, as well as the specific scope of the assessment. Factors to consider include the availability of documentation, the cooperation of personnel, and the need for on-site testing. Conditions that must be met include access to relevant areas, provision of security system data, and participation in interviews. It's crucial to schedule evaluations well in advance, considering operational schedules and potential disruptions.
We deliver detailed reports that highlight vulnerabilities and provide clear guidance on remediation.
- If you have a site independently evaluated, you will receive a certificate valid for two years.
- We also offer Site Assessment Reports as a service for customers looking to understand the security of their sites or obtain evidence of their security capabilities.
To enhance your site's security posture and ensure compliance, contact Brightsight today for a comprehensive evaluation.
Brightsight's post-certification services include:
