Welcome!

News Feed Item

AccessData Group Achieves Common Criteria Certification for Cyber Intelligence and Response Technology (CIRT)

In a welcome announcement for the new year; AccessData’s CIRT v.2.1.2 has received certification from Common Criteria, an internationally recognized standard for computer security certification, with an Evaluation Assurance Level (EAL) of 3+. Common Criteria provides a set of standards used by the federal government and other organizations to assess the security and assurance of technology products. Common Criteria implements and evaluates solutions, employing rigorous and consistent methodologies, to validate and rate their levels of security assurance. Common Criteria is the driving force for the widest available mutual recognition of secure and trusted IT products.

AccessData chose to invest in the certification to ensure CIRT is endorsed against internationally sanctioned and rigorous security standards. CIRT is the first and only product to integrate network and host forensics, malware analysis, large-scale data auditing and remediation capabilities. The solution delivers the functionality of AccessData’s SilentRunner network forensics solution, AD eDiscovery and AD Enterprise products through a single collaborative interface. Common Criteria has bestowed this certification upon CIRT for its data protection technology, including its ability to provide network surveillance (also, its ability to detect data spillage, and its ability to perform integrated root cause analysis in the event of a security breach). The core technology certified through Common Criteria exists in many of AccessData’s solutions.

This certification ensures the product was methodically tested and checked at an independent lab where a vulnerability analysis demonstrated resistance to penetration attackers. The lab found that CIRT v2.1.2 provides the means to identify and manage inappropriate data hosted on corporate end user workstations, file shares, and email message servers. It offers protection against attempts to breach system security by attackers. The lab gave CIRT its highest rating of all products it is currently testing. The EAL score of 3+ is recognized by all countries participating in the Common Criteria Recognition Arrangement (CCRA).

The evaluators determined that the initialization process is secure and that the security functions are protected against tamper and bypass. User guides were found to be sufficiently descriptive on how to use and administer CIRT, resulting in a secure configuration. The evaluators found that the CIRT v2.1.2 configuration items were clearly marked and the access control measures were effective in preventing unauthorized access to configuration items. AccessData’s configuration management system was also observed during the site visit, and it was found to be mature and well-developed. Evaluators also examined the development security procedures and determined that they detailed sufficient security measures to protect the confidentiality and integrity of the CIRT v2.1.2 design and implementation. Common Criteria noted that AccessData maintains a high-level of end user support for the product. This independent penetration testing did not uncover any exploitable vulnerabilities in the intended operating environment.

CIRT v2.1.2 was subjected to a comprehensive suite of formally documented, independent functional and penetration tests. The testing took place at the Information Technology Security Evaluation and Test (ITSET) Facility at EWA-Canada. The CCS Certification Body witnessed a portion of the independent testing. The developer’s tests and the independent functional tests yielded the expected results, giving assurance that CIRT v2.1.2 is a trusted product that provides the security desired by the most demanding organizations.

AccessData will be hosting a webinar titled, “Cyber Intelligence & Response Technology... What You Don't Know CAN Hurt You” that will highlight many of the key capabilities of the CIRT platform on Thursday, January 31st, at 10am PT / 1pm ET. This event is free to attend, but registration is required.

About AccessData Group:

AccessData Group has pioneered digital investigations and litigation support for 25 years. Its family of stand-alone and enterprise-class solutions, including FTK, SilentRunner, Summation and the CIRT security framework, enable digital investigations of any kind, including computer forensics, incident response, e-discovery, legal review and compliance auditing. More than 130,000 users in law enforcement, government agencies, corporations and law firms worldwide rely on AccessData software solutions and its premier digital investigation and hosted review services. AccessData is also a leading provider of digital forensics and litigation support training and certification. www.accessdata.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
Recently, IoT seems emerging as a solution vehicle for data analytics on real-world scenarios from setting a room temperature setting to predicting a component failure of an aircraft. Compared with developing an application or deploying a cloud service, is an IoT solution unique? If so, how? How does a typical IoT solution architecture consist? And what are the essential components and how are they relevant to each other? How does the security play out? What are the best practices in formulating...
An increasing number of companies are creating products that combine data with analytical capabilities. Running interactive queries on Big Data requires complex architectures to store and query data effectively, typically involving data streams, an choosing efficient file format/database and multiple independent systems that are tied together through custom-engineered pipelines. In his session at @BigDataExpo at @ThingsExpo, Tomer Levi, a senior software engineer at Intel’s Advanced Analytics ...
In his session at @ThingsExpo, Arvind Radhakrishnen discussed how IoT offers new business models in banking and financial services organizations with the capability to revolutionize products, payments, channels, business processes and asset management built on strong architectural foundation. The following topics were covered: How IoT stands to impact various business parameters including customer experience, cost and risk management within BFS organizations.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
SYS-CON Events announced today that Elastifile will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Elastifile Cloud File System (ECFS) is software-defined data infrastructure designed for seamless and efficient management of dynamic workloads across heterogeneous environments. Elastifile provides the architecture needed to optimize your hybrid cloud environment, by facilitating efficient...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, will provide a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to...
SYS-CON Events announced today that Golden Gate University will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Since 1901, non-profit Golden Gate University (GGU) has been helping adults achieve their professional goals by providing high quality, practice-based undergraduate and graduate educational programs in law, taxation, business and related professions. Many of its courses are taug...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
"We provide IoT solutions. We provide the most compatible solutions for many applications. Our solutions are industry agnostic and also protocol agnostic," explained Richard Han, Head of Sales and Marketing and Engineering at Systena America, in this SYS-CON.tv interview at @ThingsExpo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Given the popularity of the containers, further investment in the telco/cable industry is needed to transition existing VM-based solutions to containerized cloud native deployments. The networking architecture of the solution isolates the network traffic into different network planes (e.g., management, control, and media). This naturally makes support for multiple interfaces in container orchestration engines an indispensable requirement.
SYS-CON Events announced today that DXWorldExpo has been named “Global Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Digital Transformation is the key issue driving the global enterprise IT business. Digital Transformation is most prominent among Global 2000 enterprises and government institutions.
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...