ANSSI (Agence nationale de la sécurité des systèmes d'information) is the French national agency for information systems security.national cyber security authority and cyber defence in France.
Created in 2009, it reports to the General Secretariat for Defence and National Security (SGDSN).
📋 ANSSI's missions
- Protecting the State's information systems
- Preventing and responding to cyber attacks
- Advice and technical assistance for public authorities and Vital Interest Operators (VIOs)
- Drafting cybersecurity regulations
- Certification of security products and services
- Raising awareness and training in cyber security issues
📜 ANSSI certifications
ANSSI issues several types of certification to attest to the security of IT products and services. Here are the main ANSSI certifications:
> CSPN (First Level Security Certification)
The CSPN, also known as the "ANSSI Security Visa", is a certification introduced in 2008.
Its main characteristics are :
- Security assessment by an ANSSI-approved assessment centre (CESTI)
- Black box" tests carried out within a limited timeframe
- Cheaper and faster alternative to the Common Criteria
- Applies to various products: software, operating systems, hardware, etc.
> Other ANSSI certifications
ANSSI also issues other qualifications for cybersecurity service providers, including :
- PASSI : Information Systems Security Audit Provider
- PDIS : Security Incident Detection Services
- PRIS Security Incident Response Provider
- SecNumcloud for cloud service providers
