- 博客(95)
- 收藏
- 关注
RSS订阅原创 Highlights from ICMC 2025
ICMC 2025 wrapped up last week, and it was both informative and entertaining.
2025-04-17 08:47:39
709
原创 ICMC 2025 has Kicked Off!
The ICMC is here once again, and there’s so much to learn!
2025-04-09 11:06:51
565
原创 ENISA Announces Protection Profile for 3D House Printers
Advances in 3D printing have necessitated a new set of security standards.
2025-04-01 13:44:47
652
原创 Digging into some FIPS ‘n’ Chips
atsec’s FIPS ‘n’ Chips crypto module bootcamp wrapped up this week, and it was a blast!
2025-03-31 08:36:06
636
原创 Developing the Future at the EU Cyber Acts Conference
atsec recently attended and spoke at the EU Cyber Acts Conference!
2025-03-28 08:25:31
339
原创 支付页面安全与E-Skimming防护----浅谈PCI DSS v4.0.1要求6.4.3与11.6.1的实施
电子商务中支付页面安全尤为重要,而E-Skimming攻击通过注入恶意脚本窃取支付信息威胁日益加剧。PCI DSS要求6.4.3关注于脚本的授权、完整性验证和清单管理,要求11.6.1强调检测和响应未经授权的修改,协助机构防范相关安全风险。
2025-03-26 11:01:40
880
原创 A Glimpse of the Future: NIST’s KEM Workshop
NIST held a workshop on the future of Key Encapsulation Mechanisms (KEMs), featuring several interesting proposals.
2025-03-14 10:34:47
726
原创 Happy International Women’s Day
atsec information security wishes all women a wonderful International Women’s Day.
2025-03-10 10:06:08
193
原创 FIPS ‘n’ Chips Crypto Module Bootcamp
atsec and UT Austin are excited to host the second Crypto Module Bootcamp, free for all participants!
2025-03-04 08:45:25
940
原创 Exciting News: The Publication of ISO/IEC 19790:2025 and ISO/IEC 24759:2025
The cryptographic module validation community has been eagerly anticipating this moment!
2025-03-03 09:19:54
737
原创 atsec Becomes the First Accredited EUCC Conformity Assessment Body
atsec is the first accredited EUCC Conformity Assessment Body!
2025-03-03 07:44:52
820
原创 atsec成为首家获得认可的EUCC合格评定机构
atsec荣幸地宣布成为了新的欧盟通用评估准则(EUCC:EU Common Criteria)认证体系的首家获得认可的合格评定机构(CAB:conformity assessment body)。凭借此项认可,atsec能够为实质性和高1 保障级别(Substantial and High assurance level)提供认证和评估服务,并在认证后提供合规支持。
2025-02-21 12:23:32
317
原创 atsec Adds GSMA MDSCert Evaluations to its Service Offerings
atsec now offers MDSCert evaluations for mobile device vendors!
2025-02-20 09:07:51
483
原创 CST Newsletter February 2025
Dive into our February CST newsletter for the latest CMVP updates and more.
2025-02-20 09:07:37
596
原创 PCI PIN标准近期更新及动态分享
随着支付产业内的技术发展,PCI PIN标准一直在动态地演进。在2024年里,PCI标委会通过更新Technical FAQ文档以及定期召开QPA网络研讨会的方式,对出现的新技术方案提出了相应安全要求,对实际评估过程中遇到的具体问题做了相关澄清和解读。笔者将会从如下几个方面来和大家分享相关的更新。
2025-02-10 15:43:50
593
原创 atsec’s Common Criteria Services
Get the ball rolling on a Common Criteria evaluation with our helpful presentation.
2025-01-17 14:34:48
211
原创 针对云加密机PCI PIN标准要求及其实践
近年来,随着云计算技术的深入应用,多家云服务提供商和加密机制造商推出了“HSM as a Service”的服务,通常也会被称为云加密机服务。其带来的便利性和灵活性吸引着越来越多支付行业内的厂商(包括支付交易处理厂商,终端制造商等)考虑使用“HSM as a Service”方案来实现PIN交易系统、密钥注入系统等。
2025-01-17 14:31:16
524
原创 Happy Birthday, atsec!
On January 11th 2025, atsec celebrates 25 years in business.
2025-01-13 10:10:05
195
原创 Happy Holidays from atsec!
Happy holidays and a happy New Year from atsec!
2024-12-20 15:03:42
102
原创 现代网络架构PCI DSS合规范围确定和网络分割措施实施探讨
本文档主要探讨云环境和现代网络架构的分割控制,并为有关组织提供如何将传统网络安全原则适用于具有动态性和分布式特性的现代网络架构环境的建议,以支持组织更好的符合 PCI DSS标准要求。
2024-11-29 21:41:16
1072
原创 Final Call to Submit for Interim Validation
The CMVP is moving back to its normal certification process, which means interim submissions are being closed.
2024-11-28 09:04:49
317
原创 atsec at the PCI Community Meeting 2024
The PCI (Payment Card Industry) Security Standards Council had its 2024 Asia-Pacific Community Meeting in Hanoi, Vietnam from the 20th to the 21st of November, and atsec both hosted a booth and gave a presentation at the conference.
2024-11-26 09:03:49
311
原创 atsec at the CCUF and ICCC24 in Qatar
This last Sunday, members of theCommon Criteria User Forum(CCUF) gathered in Qatar for the 26thCCUF Workshop to discuss several pertinent topics, including the ISO updates, iTC support, and the CCRA.
2024-11-05 15:16:47
871
原创 Strengthening IoT Security: The Role of SESIP Certification
The rapid expansion of the Internet of Things (IoT) revolutionized industries, cities, and homes, connecting billions of devices to streamline operations and enhance everyday life.
2024-10-10 08:57:37
1131
原创 ICMC 2024 Update
It was nice to see our colleagues, partners, and friends in person at the ICMC 2024 in San Jose;
2024-10-10 08:57:10
170
原创 PCI支付卡产业第三方服务供应商TPSP的管理与实践
本文主要探讨如何识别在PCI DSS审核范围内的第三方服务提供商(TPSP),并且分享从引入TPSP到日常管理TPSP的一系列最佳实践方法,以达到PCI DSS的合规要求,最终确保持卡人数据得到有效保护。
2024-10-08 20:48:51
1014
原创 The NCCoE’s Automation of the CMVP
The NCCoE presented an update for the Automated CMVP at ICMC 2024 – we have a bit more detail on atsec’s involvement!
2024-09-23 09:28:51
842
原创 ICMC 2024 has Arrived, and We’ll See You There
It’s finally time for the International Cryptographic Module Conference this year! ICMC 2024 will perhaps be the most energized ICMC to date, as post-quantum cryptography (PQC)
2024-09-19 09:13:21
1009
原创 Exciting Milestone: First atsec Cybersecurity Certificates Issued for Common Criteria
We are thrilled to announce that atsec’s Certification Body (CB) officially issued its first cybersecurity certificates for Common Criteria.
2024-08-29 10:34:27
656
原创 atsec出席2024 PCI社区会议
atsec将参加2024年11月20日和21日在越南河内举行的支付卡产业安全标准委员会(PCI SSC: Payment Card Industry Security Standards Council)亚太社区会议,并与往年一样设置展位。
2024-08-27 14:36:30
286
原创 First Post Quantum Cryptographic Algorithm Certificates Issued
NIST published the final version of FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) on August 13, 2024, making the first post-quantum cryptographic (PQC) algorithms official and wrapping up an eight-year effort to prepare us.
2024-08-19 09:53:14
1167
原创 atsec再次成为2024-2026年度的PCI GEAR成员
atsec自2018年PCI GEAR成立之初就加入了PCI GEAR。2024年,atsec是PCI GEAR的33个成员之一,致力于在全球范围内保护支付数据。作为战略合作伙伴,圆桌会议成员代表评估者社区为PCI安全标准委员会(SSC:Security Standards Council)的计划和项目带来了产业、地域性和技术性的见解。
2024-08-15 09:11:27
833
原创 atsec增加Swift CSP评估资质
atsec信息安全评估员现已被Swift列为Swift客户安全计划(CSP:Customer Security Programme)认证评估员目录中的评估提供商,可以帮助全球金融机构评估其针对CSP强制性和咨询性控制的合规级别。在金融行业,Swift要求使用其消息平台的金融机构接受独立评估提供商的评估,以加强围绕其金融消息服务的安全生态系统。
2024-08-06 14:40:53
527
原创 Guiding the Way through the World of Cyber Security
It is atsec’s firm belief that effective security assurance can only truly be accomplished when the product developers proactively incorporate security requirements they thoroughly understand.
2024-08-06 08:48:44
649
原创 First SP800-140Br1 Compliant FIPS 140-3 Certificates
On July 11th, 2024, the first three FIPS 140-3 certificates forNIST’s SP800-140Br1pilot program were posted on the NIST website. atsec information security was one of the labs that took part in the pilot program.
2024-07-15 10:51:03
779
原创 Changes Coming to NIAP Entropy Assessment Reports in 2025
Recently, NIAP announced that Entropy Assessment Reports (EARs) must include a NIST Entropy Source Validation (ESV) certificate starting at the turn of the year on January 1st, 2025.
2024-06-17 08:46:13
548
原创 支付卡产业最新发布PCI DSS v4.0.1
自2022年3月PCI DSS v4.0发布以来,受到全球支付产业高度关注,为了解决来自所有产业相关者的反馈和问题,PCI安全标准委员会(PCI SSC)发布了该标准的修订版PCI DSS v4.0.1。其中包括对格式和印刷错误的更正,也澄清了一些要求和指南的重点和意图。本修订版中没有附加或删除的要求内容。
2024-06-13 10:49:39
717
原创 BSI NESAS CCS-GI Scheme Updates
We'd like to inform our customers and partners that the German Federal Office for Information Security (BSI) recently published new documents approving the use of additional Security Assurance Specifications (SCAS).
2024-06-11 10:11:03
939
原创 EUCC and Cybersecurity Certification in Europe
The European Union Agency for Cybersecurity (ENISA) hosted acybersecurity certification conferenceon April 18, 2024, in Brussels, Belgium. The conference very much focused on the implementation of the EUCC - European Cybersecurity Certification Scheme.
2024-04-24 09:20:28
660
原创 atsec Adds FIDO Evaluation Qualification
atsec information security (branded as “atsec”) has been qualified by the FIDO Alliance as one of the FIDO Accredited Security Laboratories to evaluate the authenticator products.
2024-04-11 09:29:52
545
空空如也
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人