CrowdStrike and jtsec collaborate in the inclusion of the latest version of Falcon Sensor in the CPSTIC / CCN-STIC 105 catalogue thanks to the Continuous Qualification process.

6 Oct 2022
Posted by: jtsec Team

The Continuous Qualification Strategy mainly concerns manufacturers and/or developers who already have a product in the Catalogue, whose listed version has become obsolete due to the development of later versions, and who wish to include those later versions in the catalogue.

What is the Continuous Qualification Strategy and how does it affect already certified products?

Nowadays, manufacturers are continuously developing and improving their products. Therefore, at the time of obtaining a certification (a process that can take several months), the product already has versions that are later than the certified one, thus creating a mismatch between the versions that the manufacturer is developing and the version that appears in the catalogue.

To solve this type of mismatch, CCN created the Continuous Qualification Strategy to keep the CPSTIC / CCN-STIC 105 catalogue as up to date as possible, thus speeding up the qualification and inclusion of products in the catalogue. This process consists of evaluating software versions, firmware or hardware models not included in the initial certification without the need to carry out a complete evaluation process.

It is an open-ended process in which new versions of the product are analysed. If the changes do not affect the security of the product, a Differential Analysis Report (IAD by its acronym in Spanish) is written justifying that testing of the new version of the product is not necessary. If the changes affect security, a complementary STIC assessment is performed on the affected security functionality.

This applies to a large number of manufacturers who create different versions of the same product whose differences are minimal with respect to the already certified product.

When does Continuous Qualification apply?

There are several compelling reasons why a manufacturer may wish to apply Continuous Qualification to their product.

Continuous Qualification will apply in the following cases:

  • New versions of the product: This would be the case for new versions of the product including new functionality or solving problems found in previous versions.
  • New hardware models: In this case the software/firmware does not change, but there are versions with different hardware of which only one has been certified, so it is desired to extend it to the rest of the models.
  • Obtaining ENS High: A manufacturer can promote its product in the catalogue to ENS High without the need to obtain a Common Criteria certification. If the product is already in the catalogue with a Medium ENS category, it can obtain High ENS through Continuous Qualification and the completion of a complementary STIC assessment including in the scope the functional requirements required in the Common Criteria certification.
CrowdStrike success case: the Continuous Qualification process from the manufacturer's point of view

    CrowdStrike is an American cybersecurity technology company based in Austin, Texas. Its products are based on protecting the most critical areas of enterprise risk - endpoints and cloud workloads, identity and data - to keep customers ahead of today's adversaries and stop breaches.

    They currently have one product listed in the CPSTIC / CCN-STIC 105 catalogue: Falcon Sensor v.6.27.14102. However, due to the fast evolution of the product, that version soon became obsolete, so they decided to apply Continuous Qualification to list the latest available version, Falcon Sensor v.6.40, in the catalogue.

    The process comprised conducting a Security Requirements Impact Analysis (Updated IAD) covering the changes made between both versions and checking that the new version did not contain modifications affecting compliance with the security requirements included in the LINCE certification. As a result, no additional tests had to be performed to verify the viability of the new version to enter the catalogue. At jtsec, we congratulate CrowdStrike on the inclusion of the new version of its Falcon Sensor product and thank them for their confidence in us.

    CrowdStrike is a pioneer at national level in applying the Continuous Qualification strategy, assuring its customers that they can securely use the latest technology developed by the company.

    "Offering our customers maximum security in our products is key to continue generating confidence. That's why we decided to include the latest version of our flagship product, the Falcon Sensor, in the reference cybersecurity catalogue for companies and public administrations. Thanks to jtsec, a laboratory that has already helped us to obtain LINCE certification, this process has been quite easy for CrowdStrike."

    Antonio Cortés, Public Sector Manager at CrowdStrike

    How can jtsec help you in the evaluation of your products according to the Continuous Qualification Strategy?

    At jtsec we are experts in LINCE and Common Criteria assessments, the two methodologies accepted by the CCN to be able to include products in the CPSTIC Catalogue. The jtsec team offers the following services:

  • LINCE or Common Criteria evaluation

  • Complementary STIC assessment

  • Inclusion of products in the CPSTIC/CCN - STIC 105 catalogue

  • Drafting of the differential analysis report

  • Drafting of secure use procedures

    If this is your case and you have any questions, please do not hesitate to contact us; we will be happy to help you.
