I'm working with a very security oriented organization and I need to document the security of the software. I've tried to get hold of any previous security assessment documentation, like a Common Criteria security evaluation but have not found any for VBR. If you have anything like that to send me it would make things a lot easier.
I have different requirements for security that I need to document, like compliance with Common Criterea Controlled Access Protection Profile (CAPP), access control (not just authentication when logging in, but how it is enforced in the software), activity logging, data protection (e.g. credentials) and so on.