SEATTLE, Aug. 23, 2017 /PRNewswire/ -- Lightship Security, an Ottawa, Canada based consulting and advisory firm, alongside Peach Tech, a Seattle, US based security software firm, are proud to announce their partnership to support customers in their pursuit of product certification against the internationally recognized security standard, Common Criteria (CC).
Common Criteria CC (ISO 15408) is the leading international standard designed to evaluate and certify the security robustness of software products and devices, such as operating systems, gateway devices, firewalls, and PC security tools. One way the CC accomplishes this is through the specification of 'Protection Profiles' that define a uniform set of security functions and test activities for a given technology. Recent Protection Profiles have required products to be fuzz tested as part of the vulnerability assessment portion of the certification process (e.g. Collaborative Protection Profile for Network Devices, v2.0).
Fuzz Testing Fuzz testing is a security testing technique used to identify unknown vulnerabilities, coding errors, and security loop holes. By injecting copious amounts of random and malformed data, called fuzz, into a test target, a quality assurance or security professional attempts to cause a crash or failure. In review of the data arising from the crash, engineers and developers can enhance the overall security robustness of their products.
Peach Fuzzer Peach Tech has developed and maintains the industry-leading fuzz testing platform named Peach Fuzzer. The Peach Fuzzer platform uses automated generative and mutational modeling and intelligent test case generation to reveal the hidden bugs that other testing methods miss. Outputs of detailed reports provide the information customers need to find and fix potential security threats.
Lightship Security - Greenlight Lightship assists vendors achieve CC certification using their innovative Conformance Automation Platform - Greenlight. The Greenlight Platform provides Lightship clients with comprehensive automated CC testing capabilities for any number of technologies in support of their CC certification efforts. Lightship understands the evaluation process from end to end and have developed Greenlight to address the specific needs of the various industry stakeholders – vendors, labs, consultants and certification bodies.
Pairing of Software and Services Lightship and Peach have partnered to better assist customers tackling the prescriptive CC fuzzing requirements:
Integrating Peach Tech's Peach Fuzzer platform into Lightships' Greenlight service offering gives customers the peace of mind that their products meet the latest CC fuzz testing requirements.
With Lightship acting as an authorized reseller of the Peach Fuzzer platform, vendors and testing labs get access to the power of Peach technology to pre-validate their implementations with confidence.
A tuned fuzzing module and professional services have been packaged to target the right protocols and interfaces specifically for CC testing.
Lightship Security Lightship Security specializes in conformance automation and security certification services. They support their client's entire validation and certification needs for CC, FIPS 140-2 and other internationally required standards.
Peach Tech Peach Tech provides advanced security testing solutions and leading-edge products, such as the robust fuzzing platform Peach Fuzzer. Their acclaimed automated fuzz testing platform gives users the tools to secure their products by eliminating potential security threats before deployment and release. They customize testing strategies for security-minded clients engaged in all stages of development. Leverage the power of Peach Tech to secure your world.