Product Security Certifications: Understanding Requirements, Standards, and Implementation

Explore the critical landscape of product security certifications in this 55-minute conference talk from the Storage Developer Conference 2022. Delve into the aftermath of the SolarWinds network management system attack that affected over 18,000 organizations, and understand how security certifications play a vital role in protecting supply chains. Learn about major certification options, their processes, schemes, and criteria while gaining valuable insights into engineering and implementation impacts on product security certification. Discover the specific certification requirements for different market sectors, data types, and security functionality implementations. Master the fundamentals of product security certifications, including FIPS 140-3 and Common Criteria, and understand their significance in product procurement decisions. Gain practical knowledge about US government requirements, PCI certification, and laboratory vetting processes, while exploring the current state of relevant standards and practices in this comprehensive presentation by Eric Hibbard from Samsung Semiconductor, Inc.