Vladimir Penaz
I'm a student finishing my Master's in Cybersecurity Management, with a focus on business analysis in the sec-certs research project, which explores data in FIPS and Common Criteria certifications. Alongside my studies, I work as a Security Engineer at Oracle, where I focus on automating security procedures and streamlining compliance workflows.
Session
10-08
09:00
50min
The Use of OpenSSL in Common Criteria and FIPS 140 Certifications
Martin Ukrop, Vladimir Penaz
What do we know about the usage of OpenSSL in certified software and devices? Is its prevalence rising or falling? Who uses it? And what versions are used? What else can we learn without having to sign an NDA?
This talk will dive into the certification landscape of Common Criteria and FIPS 140, focusing on the role of OpenSSL as a use case to see how much we can learn from publicly available data.
Security, Compliance & the Law
Belvedere I/ Security, Compliance & the Law