Knowledge | News | Careers | Contact us

 

Date: 18th February, 2007
LOCAL INFORMATION SECURITY FIRM NOW LICENSED WITH SKILL 

Canberra-based Information Security firm, stratsec, was today officially granted by Defence Signals Directorate (DSD) confirmation to operate as a licensed evaluation facility under the Australian Information Security Evaluation Program (AISEP).  

The AISEP is a commercial IT security evaluation testing program which is managed by DSD’s Information Security Group, Australia’s national authority on information security.  All evaluations are conducted against the requirements specified in ‘ISO standard 15408’, the Common Criteria for IT security evaluations. 

Being granted a license such as this, is a major milestone for the Australian owned and operated stratsec, which is a company of information security experts providing professional services to Government and business out of its head office in Canberra and on a regional basis in Sydney, Melbourne and Perth. The licenses are granted only to those companies that demonstrate the technical expertise, business characteristics and profile deemed necessary to provide high-quality IT security evaluation services.

The announcement also marks a significant milestone for stratsec founders and current directors, Peter Lilley and Doug Stuart, who both managed the AISEP since its inception in the early 1990s, while working as technical specialists at DSD. 

According to company director, Peter Lilley, the recent announcement is a realisation of a dream to be the first Australian-owned company to be licensed to provide these services and the culmination of many years of hard work.

stratsec intends to differentiate itself from other Australian licensed facilities by providing a more technical focused approach to evaluations and providing a more cost-effective and timely alternative to the big international firms. 

“This endorsement certainly provides us now with a clear mandate and direction in undertaking future IT security evaluation services.

“All stratsec evaluations will be performed within our newly conceived and dedicated ‘stratsec Lab’, which we believe is a ground-breaking and innovative model for this industry,” he said.

The new stratsec Lab - Centre of technical assurance excellence

The stratsec Lab is an innovative centre of excellence designed to provide the complete range of independent technical assurance services. The Lab is located at the firm’s central premises at Deakin, ACT.

A condition of the license agreement under the AISEP is to hold a National Association of Testing Authorities certification for compliance with the international standard for quality assurance in IT testing, ISO 17025.

It is the intention of stratsec to not only have evaluation activities be covered by quality assurance processes, but to have all the lab services supported by accredited quality controls.

Government and business leaders rely on technical assurance services to provide confidence that their networks and systems are free from vulnerabilities and exposures. The stratsec team aims to provide an additional level of confidence that their services are accurate, performed in a controlled and consistent manner and provided on an impartial basis and independent of any bias.

 

Our Expertise

At stratsec we have assembled the premier team of technical assurance experts.  All members of our stratsec Lab team have extensive experience in conducting, overseeing and supporting IT security evaluations at all levels of assurance.  Unlike our competitors, members of our team have participated in all relevant roles in the evaluation lifecycle: developer, sponsor, evaluator and certifier. 

Our testing experts have extensive experience in conducting vulnerability and functional testing in highly secure environments against a wide range of systems and technologies. Our people can provide black box testing, white box testing and review source code and configurations to provide an independent level of confidence in the security your ICT systems and networks.

Much more than Common Criteria evaluations

The stratsec Lab offers the following quality assured services:

 

  • AISEP IT security evaluations

  • Vulnerability assessments

  • Penetration testing

  • Functional and performance testing

  • Application code review

  • Computer forensics.