atsec information security
Common Criteria, FIPS 140-3, EUCC, NESAS, PCI and more.
Who we are
atsec information security is an independent, privately-owned company that focuses on providing laboratory testing, evaluation, validation, and training services for information security.
Where we are
atsec US:
atsec Europe:
atsec Asia:
See you at
Nov. 4-6th 2024, Doha, Qatar
Nov. 20-21st 2024, Hanoi, Vietnam
ICMC 2025
Apr. 4-6th 2025, Toronto, Canada
Our Services
How we can be of service?
We provide services for a variety of business cases and industries.
IT Evaluation & Assessment
atsec information security offers IT evaluation and assessment services, focusing on standards-based evaluations of commercial off the shelf (COTS) hardware, software, and organizational security. Key services include Common Criteria (ISO 15408) evaluation, Security Content Automation Protocol (SCAP), Open Trusted Technology Provider Standard (O-TTPS) development, and IEEE 2621 certification for medical device cybersecurity.
Cryptographic Testing
atsec information security provides FIPS 140-3 testing services to help clients understand the requirements and assess product readiness, and performs conformance testing for the Cryptographic Algorithm Validation Program (CAVP) and Entropy Source Validation (ESV) to ensure proper implementation and compliance with standards.
Telecommunication
atsec information security offers GSMA NESAS Audits and SCAS Testing, part of the Network Equipment Security Assurance Scheme (NESAS) jointly led by 3GPP and GSMA. These services are available to all vendors of network equipment products supporting 3GPP-defined functions. We also provide BSI NESAS-CCS-GI services within this collaborative framework.
Identity
atsec information security provides testing services for NIST Personal Identity Verification Program (NPIVP), ensuring compliance with FIPS 201 standards for U.S. Federal identification products. We also offer eIDAS Trust Service Provider Assessments to help clients meet EU requirements for electronic ID systems and Qualified Trust Services. Additionally, atsec China is an accredited lab for FIDO, supporting secure, passwordless authentication standards.
Certification
atsec Sweden is an accredited private Certification Body according to ISO / IEC 17065, specialized in Common Criteria ISO 15408 and 18045, offering a certification scheme in collaboration with 17025 accredited laboratories. Our private Certification Body is accredited by Sweden’s national accreditation body, SWEDAC, against requirements specified in the CC ISO 15408 and 18045.
Payment Security
As a qualified PCI QSA, ASV, Secure Software & Secure SLC assessor, P2PE, 3DS assessor, PIN security assessor, CPSA, and PFI, atsec China offers a full range of services to support organizations in achieving PCI compliance. atsec has also contributed to the payment security industry since the beginning as a Global Executive Assessor Roundtable member.
Are you ready?
Read our quick start guide and take the first step on your journey to certification.
The Information Security Provider
Read Our Latest Blog Articles
Learn the latest and greatest about information security. You’ll find insights and analyses of recent developments in technology and policy on our blog.
-
Strengthening IoT Security: The Role of SESIP Certification
SESIP is an important standard for IoT security, and atsec is now an approved laboratory for SESIP assessments.
-
ICMC 2024 Update
We enjoyed seeing our colleagues at ICMC24, and have updated this year’s animation with Stephan’s opening remarks.
-
The NCCoE’s Automation of the CMVP
The NCCoE presented an update for the Automated CMVP at ICMC 2024 – we have a bit more detail on atsec’s involvement!
atsec information security
Join our team!
Seeking a New challenge? We are a dedicated team in a fast growing market. Send us your application.