Corsec Security, Inc. Has Moved...Again!

WASHINGTON - July 30, 2015 - PRLog -- Herndon, VA – July 30th, 2015 –In response to client demand, Corsec has recently relocated our global headquarters to Herndon, Virginia. The significantly larger space houses critical infrastructure and a growing staff of tech professionals. The new facility is equipped with comprehensive security features as well as FIPS 140-2 validated and Common Criteria certified products, boosting security for client’s intellectual property.

Certifications & Validations: A Changing Landscape
COMMON CRITERIA – New protection profiles, technical communities, and requirements for entropy for certain evaluations, as well as changes in guidance from member nations, are among Common Criteria’s changes. Clients who engaged Corsec early on in their product’s development phase have found they no longer have to undergo product redesign to successfully achieve certification.

FIPS 140-2 – Recent implementation guidelines from the Cryptographic Module Validation Program (CMVP) have been employed. Heart bleed, deprecated algorithms, and support for Suite B, are among the nagging issues.

UC APL – The establishment of the Unified Capabilities Approved Product Listing (UC APL) centralized DoD security validation requirements for IT purchases and consolidated the efforts of the Army, Navy, Air Force and Marine Corps into a single unified list. Over the last five years, DoD spending on IT products has grown to over $30 billion. UC APL requirements, and the number of alterations in product listing requirements, have seen significant change. Vendors must meet a growing number of STIGs, including: increased scrutiny in information assurance and information operability testing, CAC password authentication requirements, and IPv6.

The Changing Nature of Security Threats
Security breaches from Target to Sony, to the U.S. government, have become a daily occurrence. The consequences—loss of personal data and confidence, denial of service, and impact to critical infrastructure—are now forcing CIOs, CEOs and CISOs to mandate third-party validation best practices as prerequisites to enterprise systems. As security threats move into consumer interests, everyday people face what was once seen as exclusively a federal or corporate challenge. While security certifications and validations do not prevent attacks entirely, they do ensure best practices in product security development, which helps mitigate risks and the potential impact to consumers and governments alike. With certifications and security validations, consumers are better prepared to deal with potential security breaches.

The Corsec Solution
A Commitment to Securing IP That Is Second to None
Corsec’s new headquarters, located outside the nation’s capital and inside the Washington, D.C. area’s technology corridor, preserves Corsec’s proximity to the “federal hot spot.” This allows us to play an important role in influencing industry regulations while also residing among the most influential IT firms in the area. In addition, our new state-of-the-art video conferencing system enables us to connect with clients and colleagues around the globe.

The intellectual property of Corsec’s clients is protected around the clock by our state-of-the-art infrastructure, which includes FIPS 140-2 and Common Criteria certified products. Features of our custom-designed laboratory include:

·      An electronically-controlled and logged two-factor access portal that exceeds Common Criteria requirements
·      A security monitoring system with video recording 24/7/365
·      Independent environmental controls with backup to ensure safe and continued operations
·      Per-rack UPS protection
·      Redundant fiber optic connectivity
·      High Availability firewall configuration
·      Switched gigabit LAN (with 10GB capability)
·      VLAN architecture
·      Isolated lab VLAN, which can be further isolated as needed
·      Up to 40U rack space per customer
·      Personnel and logical material controls

Solving Client Issues
Corsec’s two paths for clients seeking security certifications and validations are:

Our Turnkey Approach: For Clients Who Are Ready
Corsec’s turnkey approach was designed for companies seeking the least risky path to certification, or for companies with critical go-to-market timelines. This end-to-end management of the certification process includes: Advisory, Design Engineering Consulting, Documentation, Engineering, Enterprise Lab, and Maintenance & Compliance services. In addition, all phases of program management, oversight, government interaction, and associated costs, are covered.

Our Assessment & De-Risking Service: For Clients Who Are Unsure
Companies attempting to enter the federal or corporate markets are confronted with a number of questions. During a client’s initial assessment, Corsec provides an introduction (an overview of a certification’s standards, history, requirements, and applicability), government and testing requirements, the role of accredited labs, and a timeline for certificate issuance. We also complete a Certification Competitive Intelligence Review to understand competitors’ certification activities and any opportunities for differentiation. We perform an in-depth review of the customer’s product and produce a Compliance Gap Analysis. Our formal Compliance Report outlines product gaps, documentation gaps and includes a recommended path to certification and our Statement of Work includes level of effort and cost of certificate issuance.

About Corsec Security, Inc.
Corsec assists companies through the IT security certification process for FIPS 140-2, Common Criteria (CC) and UC APL. We are a privately owned company focused on partnering with IT organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

Press Contact
Jake Nelson
(703) 267-6050 x122
jnelson@corsec.com