Securify gains higher security rating

Securify officials say they can offer federal users one of the strongest solutions for gaining visibility and control of critical network functions because the company’s security monitoring system has achieved a higher Common Criteria evaluation.

The company’s SecurVantage 5.0 has moved from Evaluation Assurance Level 2 to EAL3 after undergoing six months of stringent testing by the independent CygnaCom Security Evaluation Laboratory, Securify officials said.

“This means that the review of [Securify’s] implementation of security features has [undergone] more thorough testing,” said Jose Caldera, the company’s security architect. SecurVantage is an automated security system that allows users to generate business-driven security policies, monitor network compliance, produce relevant network operational information. It also provides network and application trend reporting.

The Defense Information Systems Agency, DOD’s Special Operations Command, and the Department of Health and Human Services use SecurVantage to improve the security of their networks, Securify officials said.

The Common Criteria Evaluation and Validation Scheme is an international standard that proves that security products’ integrity and underlying technology have been tested and validated against known criteria. A third-party source performs the testing. The National Institute of Standards and Technology and the National Security Agency established the National Information Assurance Partnership (NIAP) to evaluate information technology products’ conformance to the Common Criteria standard.

The Government Accountability Office has criticized NIAP recently for not doing enough to educate agencies or vendors about Common Criteria. A GAO report issued earlier this month also chided NIAP for not providing metrics or evidence that the Common Criteria improves product security.

In addition, the report states that the Common Criteria process takes so long to complete that agencies often find that the products they need are not on the list of certified offerings or that only older versions have been accredited.

Securify officials noted that the process could be streamlined. Steve Woo, Securify’s vice president of marketing, said Common Criteria testing improves the security of products.

This is Securify’s second time going through the process, he said. Common Criteria testing has helped the company make significant changes in its software development, he added.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected