Our cybersecurity laboratory: a key player in certification and advanced cybersecurity analysis in Europe
Accredited as an ITSEF (Information Technology Security Evaluation Facility) by ANSSI and by COFRAC [accreditation No. 1-2190, scope available at www.cofrac.fr], the SEAL is one of only two laboratories in France authorized to evaluate and certify software and network equipment in accordance with the most rigorous standards: CSPN, Common Criteria, and EUCC at the High level.
Our expertise goes beyond certification: we conduct advanced offensive analyses, strengthen product security from the design stage through a Security by Design approach, and support our clients in the transition to post-quantum cryptography and the security of AI systems.
Comprehensive expertise to secure and certify the technologies of tomorrow
PRODUCT DESIGN
Integration of security measures from the early development stage (Security by Design, DevSecOps)
INDEPENDENT EVALUATION
In-depth analysis by a certified facility to identify vulnerabilities
CERTIFICATION / QUALIFICATION
Achievement of a recognized certification demonstrating the robustness of the product
MARKET TRUST
Enhanced credibility with clients and partners, fostering product adoption
REGULATORY COMPLIANCE
Compliance with new European requirements (DORA, NIS2, CRA, REC…) and facilitation of access to regulated markets
CSPN | CC | EUCC
Our licences for software and network equipment evaluations
18
Specialized
technical experts
15
Years of proven
expertise
150+
CSPN evaluations
conducted over the past 4 years
9
Client nationalities
A quality management system focused on client satisfaction
ISO 17025
COFRAC ACCREDITATION*
(RENEWED FOR 3 YEARS IN APRIL 2024)
[Accreditation No. 1-2190, scope available at www.cofrac.fr]
+43
OUR NPS SCORE
(SCALE FROM -100 TO +100)
9/10
AVERAGE CLIENT RATING
FROM ANONYMOUS SATISFACTION SURVEYS
What our clients say
EXCERPTS FROM SATISFACTION SURVEYS CONDUCTED AT THE END OF OUR EVALUATION PROJECTS:
“Simple and straightforward, fully aligned with my needs and expectations.”
“High quality of expertise and reporting.”
“Thorough project management.”
“Ability to adapt to schedule constraints.”
The expertise of a recognized laboratory to support you through every phase of your product security lifecycle
QUALIFICATION, CERTIFICATION
- Evaluation of security products under schemes supported by ANSSI: CSPN, Common Criteria (up to EAL4+ for Amossys (EAL5 upon ANSSI exemption)), EUCC* (*accreditation in progress).
- Consulting and support: preparation for certification (assistance in choosing the appropriate certification type, documentation drafting, preliminary mock audits).
OFFENSIVE ANALYSIS
Identification of vulnerabilities before their discovery and exploitation by malicious actors.
Assessment of the effectiveness of integrated business functions (detection engines, AI engines, anonymization features, etc.).
Source code analysis, fuzzing campaigns, reverse engineering, and more.
SECURITY BY DESIGN, DEVSEC
Secure development consulting to ensure in-depth hardening of a software or component, as well as guidance in software development and architecture in preparation for cybersecurity certification (CSPN/CC).
Software architecture consulting.
Software implementation consulting.
CRYPTOGRAPHY CONSULTING
Security strategy consulting: algorithm selection, key sizing, cryptographic architecture design, development of cryptographic solutions etc.
Implementation consulting: implementation choices, library selection, etc.
Training and support for the post-quantum cryptography (PQC) transition.
SOFTWARE COUNTERFEIT ANALYSIS
Analysis of software or software components suspected of being counterfeit or infringing existing patents.
Collection of technical evidence and preliminary analysis to support legal proceedings.
CERT / MALWARE ANALYSIS
Malware analysis to understand behavior and operation.
Contribution to the technical Cyber Threat Intelligence (CTI) of a CERT following incident response.
Production of IOCs, identification of persistence and evasion mechanisms.Production d’IOC, identification des moyens de persistance / dissimulation.
