World-Class Information Security Expertise
CygnaCom Solutions has been providing professional information security services and cryptographic solutions to government and business clients since 1994. With a staff of highly qualified engineers, CygnaCom provides a wide range of consulting services and customized solutions to help clients develop, implement and maintain their information security programs, policies and strategy. Through its accredited laboratories, CygnaCom is also a one-stop provider of comprehensive U.S. standards-based security testing and evaluation services for IT and cryptographic products.
CygnaCom offers:
Information Security Consulting and Professional Services
We have expertise in all aspects of system security engineering, providing our clients with security risk assessments, security architecture, and security assurance consulting services.
Security Evaluation Laboratory (SEL)
The SEL is an original Common Criteria Lab evaluating security properties of IT products and systems against a common set of requirements.
Cryptographic Equipment Assessment Laboratory (CEAL)
The CEAL provides testing of hardware, software and algorithms for compliance with the FIPS 140-2 cryptographic standard.
CygnaCom can provide clients with some of the highest quality consulting services available, which is demonstrated by our nationally renowned expertise in information security, cryptography, software development, and the evaluation of security products.
Given the sensitive nature of the information exchanged during consulting services engagements and as part of security evaluations, CygnaCom has implemented a range of physical and system controls to protect the proprietary data supplied by customers and is committed to protecting such information.
Staff Experience and Expertise
CygnaCom's dedicated team of professionals has world-renowned expertise in third party assurance, cryptography, Public Key Infrastructure (PKI), operating systems, and database management systems. They possess a history of computer security evaluation that extends back to the early days of the NSA's efforts to evaluate the security of commercial computing equipment. Many were involved in the development and refinement of the criteria, in the evaluation and certification of computing products, in ensuring even application of the criteria (as part of the Technical Review Board), and more recently, in refining the Common Criteria specification and developing evaluation methods and establishing accreditation requirements.
Learn more 
Information Security Consulting and Professional Services
CygnaCom is focused on providing enhanced professional services to clients around the world. Specializing in Public-Key Infrastructure (PKI) and Information Assurance, CygnaCom has expertise in all aspects of system security engineering, and can provide clients with security risk assessments, security architecture, secure identity management, and security assurance consulting services including:
- Risk assessment
- Policies and procedures
- Conformance testing
- Planning and implementation
- System integration
- Perimeter security
- Identity management consulting and implementation
- Cryptographic algorithms
- Public Key enablement of applications
Learn more
CygnaCom Testing Laboratories
CygnaCom operates two security testing laboratories accredited by the National Voluntary Laboratory Accreditation Program of the National Institute of Standards and Technology (NIST). The CygnaCom laboratories perform compliance testing to verify that product design, implementation, and documentation meet certain security requirements recognized by the U.S. government. Typically, commercial products submitted for validation include operating systems, firewalls, and cryptographic modules. CygnaCom is a one-stop provider of comprehensive U.S. standards-based security testing and evaluation of both IT and cryptographic products.
One-Stop Security Testing
CygnaCom offers a full range of services to help clients navigate IT security standards and evaluation requirements including:
- An accredited Common Criteria (CC) product evaluation laboratory
- Product architecture, design, implementation, and documentation review
- Training for security product design and development teams
- Security product design and engineering-related consulting services
- An accredited FIPS 140-1/2 cryptographic module evaluation laboratory.
Learn more
Security Evaluation Laboratory (SEL)
The Security Evaluation Laboratory is a certified National Information Assurance Partnership (NIAP) Common Criteria Testing Laboratory authorized to conduct product evaluations according to the Common Criteria (ISO/IEC 15408) and the Common Evaluation Methodology under the U.S. scheme. The SEL is accredited to conduct evaluations up to Evaluation Assurance Level 4 (EAL4).
CygnaCom's SEL offers a full range of services to help clients navigate computer security standards and evaluation requirements including:
- An accredited Common Criteria (CC) product evaluation laboratory
- Product architecture, design, implementation, and documentation review
- Training for security product design and development teams
- Security product design and engineering-related consulting services
Cryptographic Equipment Assessment Laboratory (CEAL)
CygnaCom's CEAL is accredited to test hardware and software products for compliance with U.S. Government FIPS 140-2 and with FIPS algorithms such as Data Encryption Standard (DES), Triple DES, Skipjack, Secure Hash Standard, and Digital Signature Standard. FIPS PUB 140-1/2 is the Federal Information Processing Standards Publication number for "Security Requirements for Cryptographic Modules", published by NIST. This standard specifies the security requirements that are to be satisfied before a product can be utilized within a security system protecting unclassified information within computer and telecommunication systems.
The CEAL offers consulting services to identify compliance problems and suggest corrective actions for meeting FIPS 140-2 requirements. The CEAL also offers lectures and training sessions to prepare vendor teams for design, production, and documentation of FIPS 140-1/2 compliant devices. CygnaCom's CEAL has been designed to work with vendors, users, and the accrediting agency to verify that standards are being met without placing undue constraints upon product design or implementation.