CyberSafe Certification – a testimony of adequate and properly implemented, systematically managed and maintained protection against cyber-security threats

Businesses need a cost-effective and pragmatic solution to assess and prove the level of their cyber security posture. For a software company, this is often about proving their software product or platform is secure. Not all companies will benefit from or want to go through the rigorous processes of applying for, for example, the ISO 27000 security certification. elfGROUP CyberSafe certification has been developed for this very purpose. Show your customers and stakeholders that technical cyber security and the confidentiality of your customer’s information matters!
elfGROUP CyberSafe certified company and solution

Practical and reasonably scoped certification for companies

elfGROUP CyberSafe is a hands-on cybersecurity certification for businesses, organizations and individual information systems. It is based on well-known and standardized reference frameworks and criteria such as ISO 27001, NIST, KATAKRI, VAHTI guidelines, OWASP and numerous other best practices. We wanted to bring an alternative to companies of all sizes who may not want, need or be able to get the heavy ISO 27001 certification.

CyberSafe covers the most important areas of administrative and technical information security with an emphasis on practical cyber security, often eliminating unnecessary bureaucracy for SMEs and reducing the requirements for documentation and management models.

CyberSafe Certification for the cyber security is a competitive advantage

With CyberSafe Certification, the company wants to reliably demonstrate to its client that their information system (e.g. online store, patient information system, inter-system integration) has been objectively assessed and adequately secured against cyber threats.

All companies claim their own systems to be very safe but only a reliable third party test and outcome statement is a credible argument.

The certificate can be used for corporate customer communications and marketing materials. You should also affix the certificate to the website of the company or service and always link it to the elfGROUP customer-specific certificate page to ensure validity and authenticity.

CyberSafe Certification is an excellent way to convince customers and partners of a good cyber security level of business.

CyberSafe Certification has two versions:

elfGROUP CyberSafe Certified Company – ECC/C

ECC/C can be awarded to a company that has successfully completed a comprehensive, but pragmatic, cyber safety mapping and testing process. The assessment process covers elfSWEEP as an assessment of the company’s IT environment and its management model.

elfGROUP CyberSafe Certified Solution – ECC/S

ECC/S is intended to be granted for a particular system or service, such as an online store or corporate web site, after an adequately passed security testing. The ECC/S assessment is the result of elfATTACK hacking testing (level 1) and, if desired, elfSWEEP system evaluation (level 2)

Best Practices and Recommendations as the basis for certification

After completing a cyber security assessment, elfGROUP may grant a CyberSafe certificate to a client company or a system under audit (eg web site / service / transaction) as a certificate of adequate and properly implemented, systematically controlled and maintained protection against cyber threats.

The best practices and recommendations for the different criteria such as ISO 27001, NIST, KATAKRI, VAHTI Guidelines, OWASP, ISACA / COBIT and ITIL have been selected as the basis for the certification criteria.

Certification is valid for one year at a time. In connection with the certificate renewal, the maintenance of cyber security security mechanisms and updates will be re-evaluated. elfGROUP’s cyber safety specialists are also available to a certified company during the certification year. Extending and renewing a certificate in such a short time is necessary to maintain a credible level of protection in a constantly evolving threat field. However, re-testing and updating of certifications are more straightforward than the original evaluation process.

elfGROUP as your business development partner

elfGROUP’s cyber security specialists have extensive expertise in the development of information systems, integration and the protection of corporate IT environments. In addition, they have solid experience in mapping, risk assessment and perimeter firewall design adapted to meet the needs of different sized companies. In addition to the solution-oriented service attitude, our experts have decades of practical experience in different industries and technology environments.


The security assessment performed by elfGROUP improved our solution’s cybersecurity and the trustworthiness of our cloud platform which is critical for us and our customers.

Heikki Nousiainen
Chairman of the Board, Aiven Ltd.




Interested to learn more

Interested to learn more?

In our blog series, we write about cybersecurity domain in general, our service and product offerings as well as show case some of our customer cases. The blog posts are categorized by service types.

Read CyberSafe Certification related articles