French Cybersecurity Group Almond Launches Security Evaluation and Analysis Lab (SEAL)
French cybersecurity group Almond has announced the launch of its
Security Evaluation and Analysis Lab (SEAL). Almond has combined the skills of
its Analysis Center with those of the Information Technology Security
Evaluation Facility (ITSEF) (CESTI in France) operated by Amossys, to create a
very high added-value cyber laboratory with the capacity to scale up to
European level.
As a ITSEF accredited since 2011 by the French Cybersecurity
Agency (ANSSI), Amossys is currently one of the few French laboratories
authorized to assess the cybersecurity of software and network equipment (such
as firewalls, secure messaging applications, etc.) according to both the French
CSPN (Certification de Sécurité de Premier Niveau - First Level Security
Certification) scheme and the international CC (Common Criteria) scheme at one
of the highest levels. To carry out these assessments, Amossys' ITSEF mobilizes
highly technical teams and expertise (PhD in mathematics, cryptography
professionals, offensive security experts, etc.). The laboratory operates as an
impartial third party, independent of product developers, service providers and
sponsors. ANSSI then uses the conclusions of the assessment work carried out by
Amossys to decide whether or not to grant security certification to software
publishers and manufacturers.
Adoption of the European certification scheme (EUCC)
In January 2024, the European Commission announced the
adoption of a new certification scheme, the EUCC (Common criteria based
European Cybersecurity Certification scheme), a first on a European scale. The
creation of the SEAL aims in particular to anticipate the delivery of the first
EUCC certificates by early 2025 and position the group's assessment activities
on a European scale. Almond's ambition is to be the standard-bearer for French
expertise in cyber assessment and certification.
Developing cutting-edge expertise and technical offerings
Within its laboratory, Almond is also strengthening its
traditional expertise, particularly in reverse engineering, malware analysis
and software testing by fuzzing. SEAL experts contribute to the group's
incident response (CERT) and threat research and modelling (Cyber Threat
Intelligence) activities. The group aims to develop new, very high added-value
technical offerings, including consultancy in post-quantum cryptography and
software security, security assessment of embedded systems and Artificial
Intelligence security.
Developing solutions tailored to SMEs and start-ups
Finally, the SEAL aims to offer tailored solutions to SMEs
and start-ups in the software industry, to help them respond to recent changes
in European legislation, which introduces stringent requirements for all
software products in the EU. The SEAL's ambition is to provide an agile support
service, adapted to the budgetary constraints of software companies, within the
culture of expertise and impartiality of a ITSEF.
Alexandre Deloup, previously Head of Evaluation and Analysis
at Amossys, has been appointed Director of the SEAL.
"We want to make the SEAL the best European laboratory
for analysing and evaluating cybersecurity solutions. This 'Lab', run by
Amossys, is a major factor in Almond's influence and transformation, enabling
us to continue attracting the best experts and accelerate our growth. In
addition, in the context of the opening up of the European market, it meets
Almond's objective of developing its business internationally by combining our
expertise in the regulation of cybersecurity products with our ability to
support our clients on key technical issues. Making such a tangible
contribution to cybersecurity in Europe is a meaningful daily mission and makes
us very proud," said Jean-François Aliotti and Olivier Pantaleo,
Co-Directors,
Leave A Comment