Brightsight can help developers at every stage of their security development cycle, from pre-evaluation to final evaluation (leading to certification). Get your product tested in the development stage already to avoid any security issues in your final product, thereby minimising costs and delays in your product launch.
Brightsight's pre-evaluation services will identify potential attention points and prevent risks for both finished and unfinished products, documentation and sites. You can gain an in-depth understanding and avoid late development redesign costs or possible delays ahead of your formal evaluation.
Can my product pass a security evaluation?
This is an important question when you need an approval within a specific time frame or when you want to prevent risks or avoidable redesign costs late in your development process.
Brightsight checks how the security of a product works and offers gives feedback on this. In our experience, discussing this feedback with the developers in an interactive session is extremely beneficial.
We offer
Pre-testing
GAP analysis
Readiness validation
Impact analysis
We can also perform specific tests based on the requirements for the certificate you are aiming for.
Brightsight offers two types of security evaluations
Evaluations leading to a certification, where testing is based on scheme requirements
Evaluation services to test your product against cybersecurity standards and regulations
Assessment of security requirements against industry standards and schemes, with the ultimate goal to obtain certification from these specific schemes. A security assessment will result in a report that is sent to the schemes for approval. In order to pass all security checks, a smart consideration would be to have already undergone pre-evaluation.
We offer
Vulnerability assessment
Delta evaluation
Renewal and maintenance
Re-validation
Annual checkpoint
Admi changes
Site security evaluations
We deliver detailed reports that highlight vulnerabilities and provide clear guidance on remediation.
The goal of a site pre-audit is to explore the gap between the current security level of the site and the JIL Minimum Site Security Requirements and draw up a concrete proposal of the steps needed to get the site ready for a formal site audit evaluation.
Site security evaluations are critical assessments conducted to determine the effectiveness of security measures in protecting physical locations and sensitive data. These evaluations encompass a wide range of factors, from access control and surveillance systems to emergency response procedures and employee training. For organizations handling sensitive information or operating in high-risk environments, a thorough site security evaluation is not just a best practice, but a necessity.
Why is this important? In today's landscape of evolving threats, organizations face increasing challenges in maintaining robust site security. Cyberattacks, physical intrusions, and insider threats can all compromise valuable assets and disrupt operations. The challenge lies in understanding the complex interplay of security measures and identifying vulnerabilities before they are exploited.
Brightsight, as a leading security evaluation lab, offers comprehensive site security evaluation services. We meticulously assess your existing security infrastructure against industry best practices and regulatory requirements. Our evaluations provide a detailed analysis of potential weaknesses, and this report is sent to the relevant scheme or certification body for certification.
The duration of a site security evaluation varies depending on the size and complexity of the site, as well as the specific scope of the assessment. Factors to consider include the availability of documentation, the cooperation of personnel, and the need for on-site testing. Conditions that must be met include access to relevant areas, provision of security system data, and participation in interviews. It's crucial to schedule evaluations well in advance, considering operational schedules and potential disruptions.
- If you have a site independently evaluated, you will receive a certificate valid for two years.
- We also offer Site Assessment Reports as a service for customers looking to understand the security of their sites or obtain evidence of their security capabilities.
Security testing includes
Scope and documentation
Vulnerability assessment
The goal of a document review is to evaluate the completeness in terms of content, presentation and readability of CC evidence.
Have a vulnerability analysis performed in order to identify potential pitfalls, allowing you to focus your energy and resources where it matters.
Penetration testing
Design and code review
To enhance your site's security posture and ensure compliance, contact Brightsight today for a comprehensive evaluation.
Brightsight CB, a newly established Certification Body within Brightsight, operates from one accredited location in Europe: Madrid, Spain. Brightsight serves as both a Certification Body (CB) and an IT Security Evaluation Facility (ITSEF) at levels substantial and high.
Our certification scope
We are a certified lab to offer EUCC and SESIP certifications.
Our certification process
