CygnaCom operates a multi-site security testing laboratory dedicated to Common Criteria. Combined these laboratories accredited to conduct CC (or ISO 15408) evaluations under U.S., Canadian, and Turkish schemes.
Our staff of highly qualified evaluators will guide your product through the Common Criteria process and deliver on time and within budget certification. CygnaCom evaluation services are individually tailored to client’s needs. From vendors going through the process for the first time to evaluation veteran teams looking for rapid certification, we will provide the right amount of guidance at competitive prices.
Our certification to operate under multiple Schemes enables us to offer our clients flexibility to choose optimal compliance strategy. While Common Criteria Recognition Arrangement (CCRA) dictates that evaluations are recognized in all participating countries, there are some limitations associated with this agreement. CygnaCom can help you navigate these limitations by obtaining certificates optimally tailored to the U.S., Canadian, or EU regions.
CygnaCom offers Pre-Evaluation Services to assist your organization with preparing for the evaluation. Our security engineers will help your organization avoid frustrating delays and additional costs by making sure your product and your team is ready for the evaluation.
Pre-Evaluation process will guide you through:
- Identifying areas of non-conformance
- Addressing unmet criteria
- Defining the boundary of the Target of Evaluation (TOE)
- Determining Protection Profile (PP) conformance
- Evaluating applicability of existing documentation
Evaluation and Assurance Continuity
CygnaCom offers a full range of evaluation and re-certification services including evaluation conforming to ‘standard’ and ‘collaborative’ Protection Profiles, and high-assurance EAL certifications.
Our testing sites are uniquely positioned to offer evaluations tailored to EU, US, and Canadian markets. Our close integration with the CygnaCom FIPS lab allows us to conduct in-house complex evaluations requiring concurrent validation of cryptographic functionality.
Evaluation Support and Evidence Development
CygnaCom offers a wide range of evaluation support services freeing your team to develop your product. CygnaCom’s unique multi-site setup allows us to write evidence and to evaluate the product simultaneously while avoiding potential conflict of interest issues.
The following support services are available:
- Creating evaluation evidence, including Security Target and EAL-style reports
- Entropy analysis and writing Entropy Assessment Report (EAR)
- Guiding the product through the Protection Profile compliance process
- Addressing observation reports and resolving non-conformance issues
- Advocating your point of view to the Scheme
- Project management and scheduling of evaluation activities
- Certification consultancy for future products