The Farncombe Security Audit™ is Cartesian’s independent specialist security auditing service for content owners, broadcasters, OTT providers and technology suppliers worldwide. Trusted and recommended by the major Hollywood studios, Cartesian is one of a select few companies worldwide who offer an auditing service that meets their rigorous standards, including the MovieLabs specification for Ultra HD and 4K content.
Farncombe Security Audit™
Cartesian’s Farncombe Security Audit™ is a standardized methodology for reviewing security system implementations, including materials handling, business processes, system architecture, device security and end-to-end implementation. Our modular process allows us to tailor our reviews to individual systems.
Our audits are separated into three phases, starting with a questionnaire-based self-evaluation, followed by a readiness evaluation, and ending with an on-site security review. Cartesian is also able to offer targeted penetration testing of systems and devices to complement the security audit process.
Upon completion of a Farncombe Security Audit™, businesses may choose to display the Farncombe Security Audit Mark on their website and publicity materials. More information is available here.
Minimum Security Requirements
We have established a set of Minimum Security Requirements that are compiled and maintained through dialogue with content owners and technology partners. These requirements cover end-to-end content acquisition, distribution, and consumption. Our audits assess how systems meet these requirements.
The Minimum Security Requirements cover:
- Content Workflow
- Physical and Cloud security
- Electronic security
- DRM provider robustness
- Security strategy
- Security organization
- Content platform security
- Key and license management
- Network evaluation
- Multi-device policies
- DRM and Conditional Access
- OS hardening obfuscation
- Risk assessment
- Threat mitigation
AACS LA Authorized Robustness Consultant
In 2015, Cartesian was appointed by AACS LA as the first Authorized Robustness Consultant (ARC) able to help manufacturers ensure that the security of their next generation Ultra HD Blu-ray(TM) players meet the robustness requirements of the AACS2 Licenses for implementations of the recently-released AACS2 Specifications.
The Authorized Robustness Consultant is responsible for assessing security robustness of Ultra HD Blu-ray devices.
More information is available here.
Our content security services support business worldwide seeking to establish a secure environment for content distribution. We have built our content security expertise through over 25 years of work with leading broadcasters around the world and the Hollywood studios. From training to implementation, review and audit, to monitoring of systems and services, we offer a complete solution for content owners, Pay TV operators and security technology providers.