SpecterAI Quantum Security, Vietnam’s post-quantum cryptography compliance and certification authority, today announced a strategic partnership with CCLab, a globally accredited cybersecurity evaluation laboratory and a QIMA Group company. The alliance is designed to deliver end-to-end cybersecurity certification, formal security evaluations, and post-quantum cryptography (PQC) compliance services to enterprises, financial institutions, government bodies, and technology companies across Vietnam and the broader Asia-Pacific region.
Vietnamese enterprises are navigating a rapidly converging set of cybersecurity obligations — from the July 2026 effective date of Vietnam’s Cybersecurity Law 116/2025 and the State Bank’s Circular 50 deadlines in 2028, to the global NIST RSA/ECC deprecation milestone in 2030 and the hard international cutoff for legacy cryptography in 2035. At the same time, nation-state threat actors are actively deploying “Harvest Now, Decrypt Later” strategies, archiving encrypted enterprise traffic today with the intent to decrypt it the moment quantum computing hardware matures — an estimated three to seven years away.
The collaboration is structured to eliminate the traditional gap between advisory services and formal certification — a gap that has historically forced organisations to engage multiple unconnected vendors, slowing compliance timelines and increasing cost.
SpecterAI brings to the partnership its proprietary SPECTER PQC Validation Platform, a patent-pending five-phase compliance engine and an independent PQC validation platform operating in Vietnam. SPECTER automates cryptographic inventory and Cryptographic Bill of Materials (CBOM) generation, scans TLS, VPN, API, and HSM endpoints, ranks quantum-vulnerable assets by exposure and business criticality, and maps migration pathways to both Vietnamese national standards and international frameworks including NIST FIPS 203, 204, and 205. SpecterAI also conducts pre-evaluations, gap analyses, document preparation, and local remediation roadmaps — preparing clients fully before the formal evaluation process begins.
CCLab steps in at the point where formal, internationally recognised validation is required. Founded in 2013 and operating laboratories in Budapest and Debrecen, Hungary, CCLab brings over thirteen years of experience in Common Criteria evaluations, accredited laboratory operations, and the full spectrum of cybersecurity certification. CCLab holds five internationally recognised accreditations — including ISO/IEC 17025, licensing by both OCSI (Italy) and TrustCB (The Netherlands) under the EUCC Scheme, CB Testing Laboratory recognition under the IECEE CB Scheme since 2024, and qualified testing laboratory status under the RED notified body CerTrust. The company has successfully completed more than 200 projects for over 140 satisfied clients worldwide.
“CCLab has built its reputation on one principle: earning global trust through rigorous, accredited evaluation. Vietnam and the Asia-Pacific region represent an important and underserved market for formal cybersecurity certification. Partnering with SpecterAI — a team that deeply understands the local regulatory landscape and has the technical depth to prepare clients to the highest standard — is exactly the kind of collaboration that creates real value for organisations trying to comply with both domestic and international requirements.” said Ferenc Molnár, Founder & CEO, CCLab.
SpecterAI’s SPECTER platform conducts cryptographic inventories, risk prioritisation, and migration planning aligned to NIST PQC standards and Vietnam’s national VN-PQSign framework. CCLab manages the formal evaluation, certification, and official submission to international certification bodies including OCSI in Italy and TrustCB in the Netherlands. CCLab conducts accredited evaluations under the EUCC framework and Common Criteria at assurance levels up to EAL4+ — with a proven track record of completing such evaluations in as few as four months.
Regulatory Compliance Across Multiple Frameworks
The partnership covers Radio Equipment Directive (RED) cybersecurity evaluation and notified body certification; Cyber Resilience Act (CRA) compliance preparation; Medical Device cybersecurity under IEC 81001-5-1; and Industrial Control System cybersecurity under ISA/IEC 62443.
Core Security Testing & Assessment Services
The partnership delivers penetration testing across network, application, API, cloud, and mobile environments; vulnerability assessments and attack surface analysis; cloud security architecture and configuration reviews; source code review; security architecture and design reviews; configuration and hardening audits; and third-party and supply chain risk assessments.
Common Criteria Training & Laboratory Development
CCLab has successfully supported CC laboratory setup and training in Romania, Qatar, Pakistan, and Slovakia, with several additional projects ongoing across Europe and Asia. This expertise is now available to APAC institutions seeking to build or expand sovereign cybersecurity evaluation capacity.
