Evaluated Product - Details

Return to the EPL index

Votiro Secure Data Sanitisation Engine v7.1

Product type: Other Devices and Systems
Product Status: Completed
Assurance Level: EAL2

Version: 7.1
Components: The TOE is designed to run on a Windows Server 2016 OS

Product Details

Product Description

Certification Country: AUSTRALIA/NEW ZEALAND (2017)
Certificate Details: 2017/110
Certification Method: CC
Evaluation Facility: BAE Systems Applied Intelligence
Manufacturer/Vendor/Distributor: Votiro Cybersec Limited

Votiro Cybersec Limited

Level 10, 20 Martin Place
Sydney NSW 2000 Australia
Product Website: http://www.votiro.com/

Contact


Daniel Sekers

Phone: +61 2 9239 3165
Email: sales-au@votiro.com

Documents

CC Certificate
Certification Report
Security Target

Votiro SDS is designed to supplement the traditional sandboxing approach for securing files entering a network. It can help detect and prevent zero-day and other advanced threats that are designed to work around the general sandboxing approach. The TOE allows users to submit files to it via API calls which are then processed according to configurable policy rules.

The TOE claims the following security functions


Security Function 



Description 



Security Audit 



The TOE is capable of generating audit logs of relevant security events including all file transactions and configuration changes.

File transactions are identified by the file name whilst configuration changes are implicitly attributed to the administrator of the underlying OS. 



User Data Protection 


 

The TOE is capable of receiving files and processing them according to a predefined flow policy. These files can then be allowed, denied or handed off to the CDR subsystem of the TOE. 

The TOE also ensures that any residual information is deleted after it is no longer needed.

 



Security Management 



The TOE is capable of accepting configuration via XML files 



Privacy 



The TOE is capable of maintaining the anonymity of its file deconstruction process. 



Protection of the TSF 



The TOE is capable of providing reliable timestamps and in the event of an error failing in a secure manner. 



Resource Utilisation


The TOE is capable of limiting resource utilisation in order to prevent a DOS situation.