atsec information security is an international, independent, standards-based Information Technology security consulting, evaluation, and testing services company that combines a business-oriented approach to information security with in-depth technical knowledge. Through our presence in Europe, U.S. and Asia, we address commercial and government sectors worldwide. Our colleagues are experts in various technologies, including operating systems, databases, network devices, embedded systems, and many more. Our laboratories evaluate and test commercial products against standards such as Common Criteria, FIPS 140-3, O-TTPS, PCI, ISO/IEC 27001, NESAS, MDCert, SESIP, IEEE 2621 Medical Device Certification, and FIDOO to assure users about the security of products they buy and use. We have conducted many vulnerability assessments, cryptographic tests, security audits, and independent assessments for customers of varying sizes, including customers in the telecommunications, financial, energy, and defense sectors. atsec is a leader and key contributor to the industry, as evidenced by our founding of the annual International Cryptographic Module Conference (ICMC). We actively contribute to the various Common Criteria working groups, the ISO working group that authors the standard for cryptographic module validation, known as ISO/IEC 19790, to the GSMA security groups, and to the European Cyber Security Act working groups.
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud, offering over 200 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.
OpenSSL is an open-source software library used for secure communication over computer networks. It provides robust cryptographic functions, including encryption, decryption, and certificate handling, essential for implementing secure internet protocols like TLS (Transport Layer Security) and SSL (Secure Sockets Layer). OpenSSL supports various cryptographic algorithms, such as AES, RSA, and SHA, ensuring data confidentiality, integrity, and authentication. Additionally, OpenSSL includes a FIPS 140 (Federal Information Processing Standard) mode, which ensures compliance with stringent security standards required for government and regulated industries. This makes OpenSSL a critical tool in cybersecurity, protecting sensitive information across diverse applications and systems.
PQShield is shaping the way the digital world is protected against tomorrow’s threats. Our expertise, clarity, and care have enabled us to deliver new global standards alongside real-world, post-quantum hardware and software upgrades – modernizing the vital security systems and components of the world’s technology supply chain.
A global leader in applied safety science, UL Solutions transforms safety, security and sustainability challenges into opportunities for customers in more than 110 countries. We deliver testing, inspection and certification services, plus software and advisory offerings that support our customers’ product innovation and business growth, including testing and evaluation Services for FIPS 140-2 and FIPS 140-3. UL certification Marks serve as a recognized symbol of trust in our customers’ products and reflect an unwavering commitment to advancing our safety mission. We help our customers innovate, launch new products and services, navigate global markets and complex supply chains, and grow sustainably and responsibly. From the adoption of electrification to the enablement of 5G and new mobility, we look toward new frontiers. Our science is your advantage.
wolfSSL, is the leading provider of embedded cryptography and boasts the world’s first SP800 140Br1 compliant FIPS 140-3 Validation Certificate #4718 for wolfSSL’s wolfCrypt module. wolfSSL focuses on providing lightweight and embedded security solutions with an emphasis on speed, size, portability, features, and standards compliance. With its SSL/TLS products and crypto library, wolfSSL is supporting high security designs in government, automotive, avionics and other industries. For government consumers, wolfSSL has a strong history in FIPS 140-2/3, with Common Criteria support. In avionics, wolfSSL has support for complete RTCA DO-178C level A certification. In automotive, it supports MISRA-C capabilities. wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3, is up to 20 times smaller than OpenSSL, offers a simple API, an OpenSSL compatibility layer, is backed by the robust wolfCrypt cryptography library, and much more. Our products are open source, giving customers the freedom to look under the hood. wolfSSL has a mean time to release a fix for vulnerabilities of less than 36 hours, offers commercial support up to 24/7, and has the best tested cryptography and the largest team of software engineers dedicated to crypto in the market today.
Intertek Acumen Security recognizes that product certifications are business enablers. Our goal is to evaluate and help you get your products certified in the most time- and cost-efficient manner. With unparalleled expertise in cybersecurity and cryptography, we’ll position you to best meet challenging government security requirements. Our familiarity and understanding specific to the CSfC capability packages along with knowledge of required CSfC selections of appropriate NIAP Protection Profiles, we can ensure your Common Criteria evaluation can be seamlessly leveraged for CSfC qualification. Expert services include gap analysis and strategy workshop, documentation development, and post-certification support. Learn more at http://www.intertek.com/cybersecurity.
The Cybersecurity division of DEKRA is an internationally recognized leading Common Criteria IT security evaluation facility and FIPS 140-3 testing laboratory for cryptographic modules. The lab is accredited under the CCRA terms in the Spanish and Turkish schemes for the latest Common Criteria version and in the Spanish scheme under the SOGIS terms in the Hardware Devices with Security Boxes Technical Domain. DEKRA is also accredited by the USA NIST Cryptographic Module Validation Program (CMVP).
Founded in 2012, SafeLogic is a premier provider of cryptographic software solutions that enable enduring privacy and trust in the ever-changing digital world. SafeLogic’s CryptoComply FIPS 140-3 validated cryptographic modules support a broad range of platforms, programming languages, and operating environments. Its FIPS Validation-as-a-Service expedites the delivery of CMVP certificates for CryptoComply customers and then keeps those certificates active over time. CryptoComply is also the basis for SafeLogic’s post-quantum cryptography (PQC) capabilities including PQC algorithms, hybrid and pure PQ TLS, and policy-driven crypto-agility. SafeLogic’s newest product is a standalone CAVP-certified Entropy Provider. For more information, go to http://www.safelogic.com.
Teron Labs is a FIPS 140 laboratory based in Australia. We are also a Common Criteria (CC) laboratory under the Australian Information Security Evaluation Program (AISEP). Our CC evaluations are regularly cross-posted the NIAP PCL. Our goal is to help organisations around the world to gain certifications in a timely and predictable manner. We understand that delays in the certification process can result in a loss of sales for your business, therefore, we are able to work with you closely throughout the product development and evaluation processes to make sure that your product is able to be certified without encountering any roadblocks. Unlike other laboratories, which are embedded within large multinational and general cyber security services organisations, the focus of Teron Labs is security testing of ICT products, specialising in FIPS 140 and Common Criteria. This focus, together with a simpler business structure and low overheads, provides Teron Labs with a competitive edge in delivering personalized consulting and testing solutions.
Pseudo random number generators are vulnerable to hacking because they tend to have a predictable pattern hackers can exploit. The weak entropy problem is compounded for FinTech & IoT devices with limited access to physical random events such as mouse movement. EYL provides Quantum random number generator that extracts randomness from radioactive isotope put in the very tiny chip(3x3mm) in order to generate powerful encryption keys.
ABI Research is a global technology intelligence firm uniquely positioned at the intersection of technology solution providers and end-market companies. We serve as the bridge that seamlessly connects these two segments by providing exclusive research and expert guidance to drive successful technology implementations and deliver strategies proven to attract and retain customers.
The Common Criteria Users Forum (CCUF) was founded in 2012 and is a community based around those using the Common Criteria and ISO/IEC 15408 standards. The Common Criteria Users’ Forum mission is to provide a voice and communications channel between the CC community and the CC organizational committees, CC evaluation schemes, and policy makers. To join, go to http://www.ccusersforum.org/.
The Cryptographic Module User Forum (CMUF) mission is to provide a voice and communications channel between the community of UNCLASSIFIED cryptographic module (CM) and UNCLASSIFIED cryptographic algorithm developers, vendors, consultants, test labs and other interested parties, and the various national, international, and multi-lateral organizational committees, schemes, and policy makers. To Join the CMUF contact any CMUF Steering Committee member.
GlobalPlatform is a technical standards organization that enables the efficient launch and management of innovative, secure-by-design digital services and devices, which deliver end-to-end security, privacy, simplicity and convenience to users. It achieves this by providing standardized technologies and certifications that empower technology and service providers to develop, certify, deploy and manage digital services and devices in line with their business, security, regulatory and data protection needs.
OASIS is a nonprofit consortium advancing open standards and open source development on a global scale. We’re the home of KMIP, STIX, TAXII, OpenC2, PKCS#11, SAML and CACAO course-of-action playbooks. One of our largest open source projects is the Open Cybersecurity Alliance (OCA). OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. OCA open project operates independently under industry-approved process and IPR policies. All are welcome to participate.
Trusted Connectivity Alliance (TCA) is a global, non-profit industry association working to enable trust in a connected future. The organisation’s vision is to drive the sustained growth of a connected society through trusted connectivity which protects assets, end user privacy and networks.
TCA members are leaders within the global Tamper Resistant Element (TRE) ecosystem, and work collectively to define requirements and provide deliverables of a strategic, technical and marketing nature. This enables all stakeholders in our connected society to benefit from the most stringent secure connectivity solutions that leverage TCA members’ expertise in tamper proof end-to-end-security.