- 博客(120)
- 收藏
- 关注
RSS订阅原创 Happy Holidays from atsec
Happy holidays and a happy New Year from atsec!
2025-12-18 09:10:58
151
原创 In Preparation for Thanksgiving
Thanksgiving is around the corner, so our colleagues brought their favorite dishes for a practice run.
2025-11-20 09:06:10
201
原创 atsec完成Newland NPT的P2PE PA评估
atsec中国完成了福建新大陆支付技术有限公司(以下简称“Newland NPT”)支付应用PaymentLink的支付卡产业(PCI:Payment Card Industry)点对点加密(P2PE: Point-to-Point Encryption)应用(Application)的安全评估。
2025-11-12 20:07:10
965
原创 通过Swift CSP评估提高金融安全
环球银行金融电信协会(Swift:Society for Worldwide Interbank Financial Telecommunication),本文中简称为“Swift”,作为一家全球性同业合作组织,Swift是世界领先的安全金融报文传送服务机构。Swift为金融机构提供报文传送平台和通信标准,并在连接、集成、身份识别、数据分析和合规等领域提供产品和服务。
2025-11-12 20:06:24
835
原创 atsec出席2025 PCI社区会议
atsec将参加2025年11月5日和6日在泰国曼谷举行的支付卡产业安全标准委员会(PCI SSC: Payment Card Industry Security Standards Council)亚太社区会议。
2025-10-31 15:43:46
209
原创 浅谈PCI DSS涉及的认证
在数字化技术不断提升的时代,账号盗用、数据泄露等安全威胁持续升级,简单的密码认证(Authentication)方式已难以抵御新的攻击方法。认证作为身份核验的重要技术,是提升访问控制安全性的基础。
2025-10-31 15:38:19
1048
原创 The Clock is Ticking to Prepare for the Cyber Resiliency Act
The release of the Cyber Resiliency Act is on the horizon, and it would be wise to begin preparations now.
2025-10-22 12:33:39
748
原创 atsec at the ICCC25 in Songdo, Korea
atsec is attending the ICCC25, where we’re excited to meet with our colleagues from across the globe.
2025-10-22 12:33:37
769
原创 atsec at the NCSA 4th Annual Cyber Governance & Assurance Conference
atsec attended the 4th annual Cyber Governance & Assurance conference and received its QCCS accreditation!
2025-10-05 14:06:51
781
原创 Building the Future: XDRBG’s Standardization as Part of SP800-90A
The algorithm for the XOF-based DRBG has been finished, and atsec is proud to have contributed to the project!
2025-09-19 09:23:02
428
原创 Becoming an Approved BSI-NESAS Lab: What’s New in the Updated Scheme
We are proud to announce that atsec Sweden is officially approved as a laboratory for BSI-NESAS evaluations.
2025-09-04 08:49:24
620
原创 Understanding the Update to NIAP Policy Letter #12: Don’t Leave Core Functionality Behind
NIAP’s update to Policy Letter #12 brings renewed focus on product functionality being properly included in evaluations.
2025-08-28 09:05:39
985
原创 atsec’s Company Conference Celebrating Our 25th Anniversary
atsec convened a company conference in Bali to reaffirm our commitment to excellence.
2025-08-19 10:11:24
554
原创 CLAR 2025 & BLESS 2025: Twin Conferences at the Forefront of Logic, AI, and Ethics
The CLAR 2025 and BLESS 2025 conferences converged on a shared mission: tackle pressing challenges with formal logic.
2025-07-01 09:00:10
1085
原创 Cybersecurity Testing Added to RED – atsec is on it!
The Radio Equipment Directive has new cybersecurity requirements that atsec is on top of!
2025-06-23 09:03:31
953
原创 CAVP Issues Updated Guidance on Algorithm Certificate Posting
CAVP has made it clear: just include facts in ACVTS data fields.
2025-06-18 08:47:15
955
原创 Happy Father’s Day
atsec wishes all fathers, grandfathers and fathers to be a happy Fathers’s Day!
2025-06-16 09:44:59
296
原创 Crucial Updates to Vulnerability Mitigation
NIAP has issued Policy Letter #17, which introduces significant changes to vulnerability mitigation.
2025-06-16 09:39:07
971
原创 PCI SSC推出PIN合规服务商列表计划
2025年5月,支付卡行业安全标准委员会(PCI SSC)正式推出PIN合规服务商列表计划(PIN Listing Program),旨在为产业相关机构识别和/或选择已验证符合PCI PIN安全标准的服务提供商的资源。作为PCI SSC授权的合格PIN评估机构(QPA:Qualified PIN Assessor),atsec可协助已完成PCI PIN合规评估的机构提交相关材料(合规证明AOC和厂商发布协议VRA等文件),从而将通过审核的服务商信息公开在PCI SSC官网的列表中。
2025-05-28 15:36:25
355
原创 22 Years of Good Luck and Hard Work
As atsec information security corporation celebrates its 22nd anniversary today, many of us took a moment to reflect on the journey so far. Our good friend and former colleague, Ken
2025-05-26 14:20:14
721
原创 atsec圆满完成2025年5月北京站PCI培训
来自于卡组织、银行、支付服务提供商、商户(如航空、游戏、电子商务领域)、硬件厂商等诸多机构从事支付安全或风险工作的同仁齐聚北京,参加了本次研讨会,分享了安全合规和风险处置的经验。
2025-05-26 14:19:38
338
原创 Now is the Time: Embracing the ACMVP at a Critical Crossroads
The ACMVP will arrive much sooner than expected.
2025-05-19 08:40:49
727
原创 开放可信技术提供商标准(O-TTPS)1.2版解析:技术演进、合规升级与全球供应链安全实践
开放可信技术提供商标准(O-TTPS:Open Trusted Technology Provider™ Standard)是由The Open Group主导的国际性技术安全规范,旨在通过可验证的供应链管理实践,确保商用现货(COTS:Commercial Off The Shelf)信息和通信技术(ICT:Information and Communication Technology)的可信性与安全性。
2025-05-14 08:38:08
920
原创 BSI’s Study Analyzing RBG Usage in Browsers
atsec conducted a study for the BSI on the use of RBGs in internet browsers.
2025-04-25 08:22:45
654
原创 Highlights from ICMC 2025
ICMC 2025 wrapped up last week, and it was both informative and entertaining.
2025-04-17 08:47:39
1045
原创 ICMC 2025 has Kicked Off!
The ICMC is here once again, and there’s so much to learn!
2025-04-09 11:06:51
730
原创 ENISA Announces Protection Profile for 3D House Printers
Advances in 3D printing have necessitated a new set of security standards.
2025-04-01 13:44:47
751
原创 Digging into some FIPS ‘n’ Chips
atsec’s FIPS ‘n’ Chips crypto module bootcamp wrapped up this week, and it was a blast!
2025-03-31 08:36:06
739
原创 Developing the Future at the EU Cyber Acts Conference
atsec recently attended and spoke at the EU Cyber Acts Conference!
2025-03-28 08:25:31
400
原创 支付页面安全与E-Skimming防护----浅谈PCI DSS v4.0.1要求6.4.3与11.6.1的实施
电子商务中支付页面安全尤为重要,而E-Skimming攻击通过注入恶意脚本窃取支付信息威胁日益加剧。PCI DSS要求6.4.3关注于脚本的授权、完整性验证和清单管理,要求11.6.1强调检测和响应未经授权的修改,协助机构防范相关安全风险。
2025-03-26 11:01:40
1248
原创 A Glimpse of the Future: NIST’s KEM Workshop
NIST held a workshop on the future of Key Encapsulation Mechanisms (KEMs), featuring several interesting proposals.
2025-03-14 10:34:47
796
原创 Happy International Women’s Day
atsec information security wishes all women a wonderful International Women’s Day.
2025-03-10 10:06:08
232
原创 FIPS ‘n’ Chips Crypto Module Bootcamp
atsec and UT Austin are excited to host the second Crypto Module Bootcamp, free for all participants!
2025-03-04 08:45:25
996
原创 Exciting News: The Publication of ISO/IEC 19790:2025 and ISO/IEC 24759:2025
The cryptographic module validation community has been eagerly anticipating this moment!
2025-03-03 09:19:54
850
原创 atsec Becomes the First Accredited EUCC Conformity Assessment Body
atsec is the first accredited EUCC Conformity Assessment Body!
2025-03-03 07:44:52
931
原创 atsec成为首家获得认可的EUCC合格评定机构
atsec荣幸地宣布成为了新的欧盟通用评估准则(EUCC:EU Common Criteria)认证体系的首家获得认可的合格评定机构(CAB:conformity assessment body)。凭借此项认可,atsec能够为实质性和高1 保障级别(Substantial and High assurance level)提供认证和评估服务,并在认证后提供合规支持。
2025-02-21 12:23:32
499
原创 atsec Adds GSMA MDSCert Evaluations to its Service Offerings
atsec now offers MDSCert evaluations for mobile device vendors!
2025-02-20 09:07:51
545
原创 CST Newsletter February 2025
Dive into our February CST newsletter for the latest CMVP updates and more.
2025-02-20 09:07:37
647
原创 PCI PIN标准近期更新及动态分享
随着支付产业内的技术发展,PCI PIN标准一直在动态地演进。在2024年里,PCI标委会通过更新Technical FAQ文档以及定期召开QPA网络研讨会的方式,对出现的新技术方案提出了相应安全要求,对实际评估过程中遇到的具体问题做了相关澄清和解读。笔者将会从如下几个方面来和大家分享相关的更新。
2025-02-10 15:43:50
1308
空空如也
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人