Brightsight expands EUCC high assurance leadership with Spanish ANCC authorization

16.02.2026 01:27 PM
Spanish laboratories of Brightsight are authorized to perform security evaluations of IT products as independent test labs under the EUCC.

We are delighted to announce that, following our Dutch licence last year, Brightsight is now authorized by the National Cybersecurity Certification Authority (ANCC) of the National Cryptologic Centre (CCN) in Spain, as an IT Security Evaluation Facility (ITSEF) under the European Cybersecurity Act (CSA) legislation.  

Spanish facilities of Brightsight, located in Barcelona and Madrid, are authorized to perform security evaluations of IT products as independent test labs under the EU Cybersecurity Certification Scheme on Common Criteria (EUCC) on the assurance level High for the technical domains: 

  • Smartcards and similar devices – up to and including AVA_VAN.5
  • Generic software and network products – up to and including AVA_VAN.5

    • With SOG-IS era coming to an end on 26 February 2025, being officially open for the EUCC evaluations in Spain expands our capabilities to better serve the growing needs of the EU cybersecurity market. 

    Sergio Casanova

    Sergio Casanova
    ​Chief Technology Officer at Brightsight

    "Achieving EUCC High assurance authorization from the ANCC for both our Barcelona and Madrid laboratories represents a significant milestone in Brightsight's commitment to the European cybersecurity certification ecosystem. We are proud to contribute to Spain's strong Common Criteria tradition by bringing our expertise to the EUCC framework at the highest assurance levels. This dual authorization, together with our Dutch licence, positions Brightsight as the go-to partner for manufacturers navigating the transition from SOG-IS to EUCC, ensuring continuity and the highest standards of security assurance across Europe."

    Interested?

    Are you seeking EUCC compliance? Partner with Brightsight, the number one lab in Common Criteria and the EUCC Certification Body. Our strongest asset is our ability to offer EUCC evaluations alongside other key regulations and standards, such as the EU Cyber Resilience Act (CRA), the Radio Equipment Directive (RED), the Payment Card Industry Security Standard Council (PCI SSC), and the Security Evaluation Standard for IoT Platforms (SESIP). 

    Contact us for more details – our technical experts are ready to assist you. 

    Contact us

    Enjoyed this article?

    Stay up-to-date with our news, updates and latest developments by following us on LinkedIn.

    Stay tuned—follow us on LinkedIn

    Don't miss any of our news, updates and latest developments – subscribe below to our newsletter. 

    The Brightsight Bulletin

    Sign up for the Brightsight Bulletin, our newsletter tailored for companies manufacturing and developing IT security products from across the payment, Internet of Things, medical, automotive, industrial, government, telecommunication and network or integrated circuit sectors.

    Get informed about: 

    • The latest cybersecurity news and regulatory developments for your products’ security evaluation and certification;
    • Expert insights;
    • Brightsight activities, including events and webinars.

    Whether you're shaping digital strategy, driving innovation, or simply staying informed, our curated content delivers clarity and inspiration straight to your inbox. Brightsight helps you see what’s next—before it happens.

    The Brightsight Bulletin

    Sign up for the Brightsight Bulletin, our newsletter tailored for companies manufacturing and developing IT security products from across the payment, Internet of Things, medical, automotive, industrial, government, telecommunication and network or integrated circuit sectors.

    Get informed about: 

    • The latest cybersecurity news and regulatory developments for your products’ security evaluation and certification;
    • Expert insights;
    • Brightsight activities, including events and webinars.

    Whether you're shaping digital strategy, driving innovation, or simply staying informed, our curated content delivers clarity and inspiration straight to your inbox. Brightsight helps you see what’s next—before it happens.

    Categories -
    Schemes
    Tags -
    EUCC ITSEF