• English |
• Deutsch |
• Русский

Security

Participation in secure product design, audit and certification for many years made Aruberusan a comprehensive provider of information security services. We advise through the complete development, production and delivery cycle of the product and perform security risk assessment, security risk management, security optimization, security design and engineering. Our goal is to develop the products according to the client's specifications that still meet the security requirements of the contemporary market.

Aruberusan provides training for the software developers and testers that allow the companies to keep a sustainable level of security on their own. Analysis and mitigation of security risks is well known to be cheaper than fixing the products after the fact. The training of the designers and developers is essential for this task.

Aruberusan assists in security certification of the products according to the ISO 15408 "Common Criteria for Information Technology Security Evaluation". Please, see below for more details.

As an independent security consulting firm, we are not affiliated with any manufacturer or vendor of security equipment, nor do we profit in any way from a client's selection of vendors or contractors. Our primary objective is to help clients to provide maximum protection for their assets while obtaining the most value and benefit from their security resources. Aruberusan conducts itself with integrity, adheres to the highest professional standards, and is always responsive to our clients. We adhere to the Codes of Conduct and Ethics of the International Association of Professional Security Consultants (IAPSC).

Aruberusan can do much more to ensure your products are secure and usable to satisfy your customers. Please, contact us to guarantee your success.

Common Criteria evaluations

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification.

Aruberusan has a long history of hands-on product security evaluations according to the Common Criteria for Information Technology Security Evaluation at various European laboratories and schemes.

We have personal relationships and working connections with the following schemes:

• CESG (United Kingdom)
• CCN (Spain)
• BSI (Germany)
• NLNCSA (The Netherlands)
• ANSSI (France)

The complete list of schemes can be consulted on the Members of CCRA list at The Common Criteria Portal

We have a working relationship with a number of laboratories that perform the evaluations according to the Common Criteria in several European countries. These laboratories have a long-standing reputation in security.

Each scheme and each laboratory has particular strengths and pecularities in their interpretation of Common Criteria and the Evaluation Methodology. Depending on the product and the experience of the company-developer the choice of the laboratory can be crucial for the success of the evaluation and certification. We can assist with the selection of the scheme and laboratory according to your needs.

Aruberusan can assist in various stages of the preparation of the product evaluation and certification, including planning, negotiation with laboratories and schemes, preparation of the Security Targets and Protection Profiles, assistance to the developers in documentation preparation and organisation of the processes, site assessment and procedure verification, project management, problem resolution and reports review.

Aruberusan can do much more for the quick delivery of your security certificate. Please, contact us to guarantee your success.

Menu:

• Introduction
• Strategic Management
• Security
• Smart Cards
• Standards & Certification
• Contacts & Legal

• News and discussions