ANSSI Certification
At a time when economic and digital sovereignty are at the heart of concerns, at Seald we are proud to announce that our product has a Security Visa from the ANSSI with a CSPN.
When Seald was created in 2016, we already had the will to have our solutions certified to demonstrate the seriousness of our solutions. At the end of 2019, we took the decision to start this process.
Scope
This process begins with the selection of the scope to be assessed. At Seald, our solutions are many and varied to cover a maximum of use cases. It would therefore be unrealistic to certify everything, especially since the certification is only valid for a given version and not the updates that follow.
So we decided to certify the so-called Seald-SDK which is a Javascript code library that is used in all our solutions, including the desktop application, the mobile application and the command line version of Seald.
Target
Once the perimeter was established, we formally defined which threats we wanted to guard against: the security target. On this subject, we offer our off-the-shelf solutions, but they are all based on a server, which is offered in Cloud or on-demand.
To be very strict, we therefore decided to consider this server as potentially compromised and to prove that, despite this hypothesis, the confidentiality of the elements protected with Seald was not compromised. This is why the certification only concerns the "client" part of the Seald technology: the Seald-SDK.
This target includes most of the cryptographic mechanisms associated with the Seald technology for which we have provided a cryptographic supply document detailing the algorithms used and the way Seald manages keys, the addition of a posteriori rights, multi-devices, etc.
It was written in collaboration with a CESTI, which we commissioned to evaluate the product: Synacktiv, whom we thank very much for their professionalism and availability.
Contact our teams for a demonstration.
Better Seald than sorry.