HarfangLab EDR
Certified by ANSSI

HarfangLab is the first ANSSI-certified EDR, with CSPN certification (First Level Security Certification). We first obtained this crucial development milestone in 2020.

This CSPN certification was renewed and extended in 2024, covering the EDR agent and manager. In December 2024, HarfangLab also obtained a qualification from ANSSI for its EDR, attesting to best practices in security.

“ANSSI certification is a testament to the confidence of the French state and institutions in our solution to meet the cybersecurity challenges of organizations in France and across Europe.

It demonstrates HarfangLab’s strong commitment since our inception to providing extremely robust security solutions, guaranteeing user confidence.”

Grégoire Germain CEO and Founder – HarfangLab

ANSSI Certification: a guarantee of reliability 

At HarfangLab, we are convinced that these efforts are essential to maintaining the quality and excellence that our users expect from us in the face of a constantly changing threat landscape and increasing security requirements.

Renewing this certification demands a lasting and unfailing investment in our products, our teams, and our standards for each.

For this reason, CSPN certification is much more than just a label.
It reflects our commitment to deliver a product that meets the most stringent security requirements validated by an independent organization.

It is also a mark of confidence for our customers, while serving as a strategic lever for our future development.

Please note: CSPN certification is not based on detection capacity, but on the security and robustness of the solution.
The detection performance and ease of use of our EDR are assessed during the POC phase or by other assessments such as MITRE ATT&CK.

What does a CSPN certification guarantee? 

ANSSI certification is a key element in the decision-making process of the companies and organizations that place their trust in us to protect their IT assets.
Some sectors, such as the public sector, require this certification for the products they select, even though there is no legal obligation to do so.

Obtaining ANSSI certification is therefore not only a quality requirement for our technical teams, but also a response to market expectations and compliance needs.

Renewal and extension of CSPN certification

CSPN certification is only valid for a limited period and requires periodic renewal.

It is an essential process for maintaining a product’s compliance with constantly evolving security standards through an external, independent eye.

The certification obtained in 2020 was renewed and extended in 2024.

• In 2020, ANSSI certification focused solely on the agent, the most critical component of an EDR, which is deployed on all workstations and servers.

• In 2024, ANSSI certification covers both the agent and the EDR manager. Indeed, the manager plays a critical role in managing the agents – updates, configuration, administration, data sorting – and must offer equivalent security guarantees.

ANSSI Certification: a long-term commitment

Certification involves regular consultation with ANSSI and CESTI (Information Technology Security Assessment Center) over several months, covering a wide range of skills: cryptography, development, DevOps, CTI, project management… ANSSI’s role is to provide expertise and support, free of charge and in complete independence.

CESTI, for its part, assesses the security and robustness of solutions by means of chargeable tests.
Obtaining, renewing, and extending CSPN certification is therefore a lengthy process, both technically and in terms of human resources.

But CSPN certification also contributes to simplifying the purchasing process for companies and public authorities, as pre-selection, acquisition, and renewal projects for cybersecurity solutions are facilitated by the validation of a trusted third party such as ANSSI.

“Today, there are multiple certifications across Europe. Some authorities have set up mutual recognition agreements, such as ANSSI and BSI in Germany.

European certification for security products, through the work of ENISA and the application of the Cyber Resilience Act, will make it possible to pool these certification efforts, which are costly for companies and public authorities.

It will also be a way of facilitating purchases on a European scale, beyond certifications issued solely by local authorities.”

Pierre-Louis Mauratille Pre-Sales Lead – HarfangLab

A step beyond ANSSI Certification – ANSSI Qualification

In addition to its software security certification, HarfangLab also holds an ANSSI qualification, which validates development practices and organizational security.

This qualification also aims to ensure the implementation of a security-centric plan for software development, and lays down strict conditions for maintaining this level of requirement over time.

It represents a further validation of the quality of our product and service.