Certified/Validated Products List

Defense Platform Business Edition CC
Ver.3.6.1.5

Humming Heads, Inc.
Last Updated 2017-03-06
Product Name :
Defense Platform Business Edition CC
Version of TOE :
Ver.3.6.1.5
Product Type :
Whitelisting Anti-Malware Software
Certification No. :
C0532
Date :
2016-12-09
Version of Common Criteria:
3.1 Release4
Conformance Claim :
EAL3
PP Identifier :
None

PRODUCT DESCRIPTION

Description of TOE

The TOE is a whitelisting anti-malware product for PCs which have either Windows 8.1 Enterprise 64bit or Windows Server 2012 R2 Standard 64bit installed.
The TOE focuses on typical activities of malware such as concealing themselves and network transmission, and in order to prevent the said typical activities, the TOE provides security functions to control permission and rejection of a program’s action based on the whitelist which contains authorized actions as registered and permitted by the administrator.
Because the pre-set information in the TOE is program actions authorized by the administrator, there is no need to list or update information to detect individual malware.

 

TOE Security functions

The TOE provides the following security functions.

- Judgment function
A function to control permission and rejection of program actions (e.g., network transmission and writing to system files and programs in execution) based on the whitelist.
- Management function
A function to let the administrator change and configure whitelist settings and delete audit records.
- Audit function
A function to generate audit records and let the administrator extract them for analysis.

Security functional requirements

This TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels