jtsec - an Applus+ Company

Founded in 2017 as jtsec Beyond IT Security SLU, with registered office in Granada (Spain), jtsec - an Applus+ Company became part of Applus+ Group in 2022.

jtsec - an Applus+ Company accreditations

jtsec - an Applus+ Company is a laboratory accredited by the Spanish Accreditation Agency (ENAC) and the Spanish Cryptologic Centre (CCN) to carry out cybersecurity assessments under different methodologies and certification schemes.

jtsec - an Applus+ Company services

Over 50 professionals that currently form part of jtsec - an Applus+ Company are highly qualified and engaged in the analysis and assessment of IT products. Cybersecurity assessments are performed under the following schemes:

  • Common Criteria (CC), the main international scheme for ICT products certification. 
  • LINCE, the key certification to access the ICT Security Products Catalogue in Spain (together with Common Criteria). 
  • ETSI EN 303 645, the cybersecurity standard for consumer IoT.
  • IEC 62443-4, the cybersecurity standard for industrial IoT.

jtsec – an Applus+ Company has active participation in European and international standardisation committees.

Common Criteria Evaluation

The Common Criteria (ISO/IEC 15408) international standard is the most internationally renowned certification used to assess the security of ICT products.

jtsec – an Applus+ Company is an accredited laboratory to carry out the cybersecurity assessments required to obtain the Common Criteria certification, according to the Spanish certification scheme (CCN).

To improve its CC service, jtsec – an Applus+ Company developed an automation platform to generate, evaluate and validate Common Criteria-specific documentation: CCToolBox.

This platform helps speed up the processes of the different players involved in the process: manufacturers and consultants, laboratories, and certification/validation bodies.

LINCE Evaluation

The National Essential Security Certification (LINCE) is a methodology for assessing and certifying ICT products developed by the Spanish Cryptologic Centre (CCN).

Thanks to such methodology, manufacturers can optimise assessments that are appropriate for products managing sensitive information without a high level of threat. Considering that the LINCE assessment is carried out within a well-limited period of time and effort, costs are more accessible for all types of manufacturers.

jtsec – an Applus+ Company is an accredited laboratory to carry out the cybersecurity assessments required to obtain the LINCE certification.

It is worth noting the active participation of jtsec – an Applus+ Company in the creation of the LINCE methodology, as they are UNE publishers.

Incorporation of products into the CPSTIC catalogue (CCN – STIC 105)

This catalogue includes products with security guarantees verified by the Spanish Cryptologic Centre (CCN) and is used as reference by public administration authorities.

There are different methods to incorporate a product into the CPSTIC catalogue depending on the security level, but in most cases it is necessary to pass a security assessment, such as Lince (low and medium levels), Common Criteria (high level) or a STIC supplementary assessment in the case of products that are already certified under Common Criteria and there is an intention to list them in the catalogue.

ETSI 303 645 - Cybersecurity assessment for consumer IoT

ETSI EN 303 645 is the reference standard for the consumer IoT sector around the world. It allows manufacturers to show that their products have a specific degree of resilience in the event of cyberattacks.

jtsec – an Applus+ Company is an accredited laboratory that evaluates the compliance with the standard ETSI EN 303 645 concerning consumer IoT products, such as smart watches, home automation devices, consumer electronics, electric appliances and other connected devices.

IEC 62443 - Industrial cybersecurity assessment

IEC 62443 is one of the main standards to assess the cybersecurity of industrial connected devices. This standard may be assessed and certified under the IECEE CB Scheme. This scheme is based on internationally accepted security standards and includes a system of laboratories (CBTL) and accredited certification bodies (NCBs).

jtsec – an Applus+ Company is a CBTL-accredited laboratory to carry out industrial cybersecurity assessments pursuant to IEC 62443 4-1 and IEC 62443 4-2. The necessary tests are carried out at the facilities to ensure that the product is resistant to applicable cyberattacks and, therefore, that it can receive the CB certification.

Applus+ uses first-party and third-party cookies for analytical purposes and to show you personalized advertising based on a profile drawn up based on your browsing habits (eg. visited websites). You can accept all cookies by pressing the "Accept" button or configure or reject their use. Consult our Cookies Policy for more information.

Cookie settings panel