Click here to close now.




















Welcome!

News Feed Item

AccessData Group Achieves Common Criteria Certification for Cyber Intelligence and Response Technology (CIRT)

In a welcome announcement for the new year; AccessData’s CIRT v.2.1.2 has received certification from Common Criteria, an internationally recognized standard for computer security certification, with an Evaluation Assurance Level (EAL) of 3+. Common Criteria provides a set of standards used by the federal government and other organizations to assess the security and assurance of technology products. Common Criteria implements and evaluates solutions, employing rigorous and consistent methodologies, to validate and rate their levels of security assurance. Common Criteria is the driving force for the widest available mutual recognition of secure and trusted IT products.

AccessData chose to invest in the certification to ensure CIRT is endorsed against internationally sanctioned and rigorous security standards. CIRT is the first and only product to integrate network and host forensics, malware analysis, large-scale data auditing and remediation capabilities. The solution delivers the functionality of AccessData’s SilentRunner network forensics solution, AD eDiscovery and AD Enterprise products through a single collaborative interface. Common Criteria has bestowed this certification upon CIRT for its data protection technology, including its ability to provide network surveillance (also, its ability to detect data spillage, and its ability to perform integrated root cause analysis in the event of a security breach). The core technology certified through Common Criteria exists in many of AccessData’s solutions.

This certification ensures the product was methodically tested and checked at an independent lab where a vulnerability analysis demonstrated resistance to penetration attackers. The lab found that CIRT v2.1.2 provides the means to identify and manage inappropriate data hosted on corporate end user workstations, file shares, and email message servers. It offers protection against attempts to breach system security by attackers. The lab gave CIRT its highest rating of all products it is currently testing. The EAL score of 3+ is recognized by all countries participating in the Common Criteria Recognition Arrangement (CCRA).

The evaluators determined that the initialization process is secure and that the security functions are protected against tamper and bypass. User guides were found to be sufficiently descriptive on how to use and administer CIRT, resulting in a secure configuration. The evaluators found that the CIRT v2.1.2 configuration items were clearly marked and the access control measures were effective in preventing unauthorized access to configuration items. AccessData’s configuration management system was also observed during the site visit, and it was found to be mature and well-developed. Evaluators also examined the development security procedures and determined that they detailed sufficient security measures to protect the confidentiality and integrity of the CIRT v2.1.2 design and implementation. Common Criteria noted that AccessData maintains a high-level of end user support for the product. This independent penetration testing did not uncover any exploitable vulnerabilities in the intended operating environment.

CIRT v2.1.2 was subjected to a comprehensive suite of formally documented, independent functional and penetration tests. The testing took place at the Information Technology Security Evaluation and Test (ITSET) Facility at EWA-Canada. The CCS Certification Body witnessed a portion of the independent testing. The developer’s tests and the independent functional tests yielded the expected results, giving assurance that CIRT v2.1.2 is a trusted product that provides the security desired by the most demanding organizations.

AccessData will be hosting a webinar titled, “Cyber Intelligence & Response Technology... What You Don't Know CAN Hurt You” that will highlight many of the key capabilities of the CIRT platform on Thursday, January 31st, at 10am PT / 1pm ET. This event is free to attend, but registration is required.

About AccessData Group:

AccessData Group has pioneered digital investigations and litigation support for 25 years. Its family of stand-alone and enterprise-class solutions, including FTK, SilentRunner, Summation and the CIRT security framework, enable digital investigations of any kind, including computer forensics, incident response, e-discovery, legal review and compliance auditing. More than 130,000 users in law enforcement, government agencies, corporations and law firms worldwide rely on AccessData software solutions and its premier digital investigation and hosted review services. AccessData is also a leading provider of digital forensics and litigation support training and certification. www.accessdata.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducte...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for visualizing infrastructure code, a new unified agent and broader infrastructure support.
Chuck Piluso presented a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. Prior to Secure Infrastructure and Services, Mr. Piluso founded North American Telecommunication Corporation, a facilities-based Competitive Local Exchange Carrier licensed by the Public Service Commission in 10 states, serving as the company's chairman and president from 1997 to 2000. Between 1990 and 1997, Mr. Piluso served as chairman & founder of International Te...
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
Learn how to solve the problem of keeping files in sync between multiple Docker containers. In his session at 16th Cloud Expo, Aaron Brongersma, Senior Infrastructure Engineer at Modulus, discussed using rsync, GlusterFS, EBS and Bit Torrent Sync. He broke down the tools that are needed to help create a seamless user experience. In the end, can we have an environment where we can easily move Docker containers, servers, and volumes without impacting our applications? He shared his results so yo...
Palerra, the cloud security automation company, announced enhanced support for Amazon AWS, allowing IT security and DevOps teams to automate activity and configuration monitoring, anomaly detection, and orchestrated remediation, thereby meeting compliance mandates within complex infrastructure deployments. "Monitoring and threat detection for AWS is a non-trivial task. While Amazon's flexible environment facilitates successful DevOps implementations, it adds another layer, which can become a ...
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.