We recently announced that our 5G core, the GeniusCore, was evaluated and certified under the NESAS framework by the German Federal Office for Information Security (BSI). This post looks at why we chose to go through that process, and what it actually means in practice.
Why we chose NESAS certification
For us, security has never been something we add at the end. It has always been part of how we design and build our core. That’s also why independent verification matters. It’s one thing to say a product is secure, but it is another to have that assessed against a recognised framework by an external body.
NESAS focuses not just on the software itself, but on how it is developed. It looks at processes, documentation, and how consistently security is handled across the organisation.
We also made a conscious decision to go through this process early. Private 5G is increasingly used in environments where security is critical. We wanted to meet that expectation sooner, rather than later.
Today, the GeniusCore is the first and only 5G core for private networks to receive NESAS certification from the BSI (German Federal Office for Information Security). That’s something we’re proud of, and it really reflects the way we approach security as a core part of the product.
Security by design, not by default
Security by design means that security is built into the system from the start, and this also extends beyond the technology itself. Security is built in at an organisational level, with clear processes in place and active support from management to ensure they are followed.
The alternative is to address security later, often in response to requirements or issues, which can create gaps.
With the GeniusCore, security is a defined objective from the beginning. NESAS helped validate that this is not just a principle, but something that is implemented in practice across our development workflows.
What we’ve learned
The process was incredibly valuable from our side too. The external feedback helped us refine how we approach certain areas, such as software versioning in parallel development workflows and even better handling of security reports. These are practical details, but they make a difference when it comes to maintaining a secure system over time.
NESAS was not just a one-time check. It established a structured approach for continuous security evaluation within our development process.
Why this matters for our customers
For customers, the main benefit is clarity. Instead of relying solely on vendor claims, they now have an independent assessment that confirms how security is handled within the core. This is particularly relevant for organisations operating in regulated or mission-critical environments, where security requirements are paramount.
Most importantly, it shows that security of our product is not something assumed at CampusGenius. It is something that has been deliberately designed, implemented and verified.
For us, NESAS certification is not an endpoint. It is part of how we continue to build and improve the GeniusCore. Security is an ongoing process, and this has given us a strong foundation to build on.
You can view our certification here, or if you’d like to find out more about how Germany’s most secure private 5G core can work for you, simply get in touch here.
