Industry Certifications and Affiliations

Sample of Arxan’s Industry Association Active Engagement

ISO 13485:2003
ISO 13485 is an internationally recognized quality management system standard for medical devices developed by the International Organization for Standardization (ISO). The standard represents an international consensus on good management practices, policies, and procedures with the aim of ensuring that organizations can consistently deliver products or services that meet the customer’s quality requirements.
Arxan is ISO 13485:2003 certified by BSI under certificate number FS 656380.


NH-ISAC Navigator
NH-ISAC Navigator firms are approved by the NH-ISAC Products and Services Committee and provide products and services designed to make the HPH sector stronger and safer. Navigators are an essential part of the NH-ISAC’s ability to achieve its goals, and participation in the Navigator Program is designed to enhance the understanding of sector progress in information sharing and the tools used to enhance security.


FIPS 140-2 Certified
Arxan Cryptographic Key & Data Protection has been awarded FIPS 140-2 Certification. FIPS 140-2 certified Arxan Cryptographic Key & Data Protection solution offers the highest level of protection for sensitive information (Cryptographic Keys, and Data at-rest, in-transit and in-use), and meets the strictest security regulations.

FIPS 140-2 is the de-facto standard for encryption, for not just the federal government agencies, it is also used extensively in many state and local government agencies as well as non-governmental industries including manufacturing, healthcare, financial services, or any additional industry with federal regulations governing data security. It is also recognized as an important security standard outside of the United States, and is required by federal agencies in Canada and recognized in Europe and Australia.


MDISS (Medical Device Innovation, Safety, and Security Consortium)
MDISS is a collaborative and inclusive nonprofit professional organization committed to advancing quality health care with a focus on the safety and security of medical devices. MDISS serves providers, payers, manufacturers, universities, government agencies, technology companies, individuals, patients, patient advocates and associations. Its mission is to protect public health and well-being by advancing computer risk management practices to ensure wide availability of innovative and safe medical devices.


NH-ISAC (National Healthcare)
NH-ISAC is the nation’s Healthcare and Public Health Information Sharing and Analysis Center, responsible for advancing all-hazards (physical and cyber) security national critical infrastructure resilience.
Led by the nation’s health sector, NH-ISAC is recognized by the US Dept. of Health and Human Services (HHS), the Health Sector-Coordinating Council (SCC), the US Dept. of Homeland Security, the National Institute of Standards & Technology (NIST), Law Enforcement and the National Council of ISACs (NCI Directorate), representing all national critical infrastructures.


CVTA
The Connected Vehicle Trade Association (CVTA) is a non-profit business league established to facilitate the interaction, and advance the interests, of the entities involved in the vehicle communication environment. The Connected Vehicle Trade Association enables the collaboration of companies, organizations, and governmental bodies engaged in developing bidirectional vehicle communications. Membership is open to any corporation, public entities, standards and specification organizations and educational institutions.


FIDO Alliance (Fast Identity Online)
The FIDO Alliance is a 501(c)6 non-profit organization nominally formed in July 2012 to address the lack of interoperability among strong authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plugins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security.


GlobalPlatform
GlobalPlatform is a non-profit, member driven association which defines and develops specifications to facilitate the secure deployment and management of multiple applications on secure chip technology. Its standardized infrastructure empowers service providers to develop digital services once and deploy them across different devices and channels. GlobalPlatform’s security and privacy parameters enable dynamic combinations of secure and non-secure services from multiple providers on the same device, providing a foundation for market convergence and innovative new cross-sector partnerships.

GlobalPlatform is the international industry standard for trusted end-to-end secure deployment and management solutions. The technology’s widespread global adoption across finance, mobile/telecom, government, premium content, automotive, healthcare, retail and transit sectors delivers cost and time-to-market efficiencies to all. GlobalPlatform supports the long-term interoperability and scalability of application deployment and management through its secure chip technology open compliance program.


Ultra HD Forum
The Ultra HD Forum is bringing together market leaders from every part of the industry; broadcasters, service providers, consumer electronics, and technology vendors to collaborate on solving the real-world hurdles, and accelerating Ultra HD deployment.


NFC Forum
The NFC Forum is a non-profit industry association whose membership draws from all parts of the NFC ecosystem. Working within the framework of the NFC Forum, member organizations share development, application, and marketing expertise to develop the best possible solutions for advancing the use of Near Field Communication, enhancing the lives of consumers worldwide and advancing members’ business objectives.


US FDA (Food & Drug Administration)
FDA is responsible for protecting the public health by assuring the safety, efficacy and security of human and veterinary drugs, biological products, medical devices, our nation’s food supply, cosmetics, and products that emit radiation.


FDA is also responsible for advancing the public health by helping to speed innovations that make medicines more effective, safer, and more affordable and by helping the public get the accurate, science-based information they need to use medicines and foods to maintain and improve their health. FDA also has responsibility for regulating the manufacturing, marketing and distribution of tobacco products to protect the public health and to reduce tobacco use by minors.


Finally, FDA plays a significant role in the Nation’s counterterrorism capability. FDA fulfills this responsibility by ensuring the security of the food supply and by fostering development of medical products to respond to deliberate and naturally emerging public health threats.


OWASP (Open Web Application Security Project)
The Open Web Application Security Project (OWASP) is a 501(c)(3)worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.



NIST (National Institute of Standards and Technology)
Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST’s mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
NIST carries out its mission through the following programs:

  • the NIST Laboratories, conducting world-class research, often in close collaboration with industry, that advances the nation’s technology infrastructure and helps U.S. companies continually improve products and services;
  • the Hollings Manufacturing Extension Partnership, a nationwide network of local centers offering technical and business assistance to smaller manufacturers to help them create and retain jobs, increase profits, and save time and money; and
  • the Baldrige Performance Excellence Program, which promotes performance excellence among U.S. manufacturers, service companies, educational institutions, health care providers, and nonprofit organizations; conducts outreach programs; and manages the annual Malcolm Baldrige National Quality Award which recognizes performance excellence and quality achievement;

CSAJ (Computer Software Association of Japan)
The Computer Software Association of Japan (CSAJ) is a general incorporated association organization which has about 450 Software developers, publishers, system integrators, distributors, dealers and its related support service providers. The main activities are committees, exhibitions, market surveys, and collaboration with overseas associations.


FinTech Association

IT Patent Association

Corporate Citizenship

Arxan is proud to offer a $2,000 scholarship to students showcasing their knowledge, passion and dedication to advancements in the cyber security field.


Scholarship Details:

Application Prerequisites Student is currently enrolled in one of the following programs:
  • Cyber Security
  • Computer Science
  • Information Technology
  • Computer Software Engineering
Application Deadline Fall Semester: Sept. 30, 2016
Scholarship Amount Awarded $2,000 awarded to one student
How to Submit Fill out the form below and include attachments:
  • Essay (800-1500 words)
  • Transcript or other Proof of Enrollment
Questions Email Us at: scholarships@arxan.com

Essay Topic Details:

Applicants must submit a essay (800-1500 words) focused on the topic of application security (mobile, desktop, embedded or server apps), answering the following questions from Section 1 and 2.

Section 1 – Choose from one of the following questions:

  • How are application attacks being launched and how frequently? (provide examples, focusing on distributed apps — excluding web apps)
  • What are the risks to software applications in distributed environments such as on mobile devices or as part of the Internet of Things/embedded computing (connected car, medical devices, home automation, wearables, etc.)?
  • What are the risks to software applications within industry verticals? Choose from one or more of the following industries:
    • Digital Media
    • Gaming
    • Mobile Payments
    • Financial Services
    • Healthcare
    • Retail
    • Software Publishers

Section 2 –

  • Describe how application hardening and run-time protection mitigate security risks, linking to the points raised in Section 1.

Scholarship Application:

Selection Process:

  • All entries will be reviewed by Arxan once the deadline passes.
  • Winners are selected at the discretion of Arxan Technologies Inc.
  • All decisions are final and non-negotiable.
  • Winners are selected based on the quality and depth of knowledge exhibited in submitted essay.
  • Students who are awarded scholarships will be notified no later than the end of October for the Fall Semester and March for the Spring Semester.

Arxan is committed to protecting the privacy of your personal information. This includes the collection, storage, use, access, and disposal of all student information and data obtained through the application process. This data will only be used for reviewing applications and selecting recipients.

Winner and submitted essay will be published on www.arxan.com and announced on social media channels.