After months of hard work and dedication, Corsec is proud to congratulate HP on successfully completing the Common Criteria validation for it’s products; SiteScope v11.30 and Operations Orchestration (OO) v10.20. These products were tested and validated through the most stringent of security standards receiving a validation under an EAL2+, which underscores HP’s commitment to helping federal organizations and global enterprises secure products around the world. Corsec is pleased to have helped HP reach this amazing goal over the last year. Corsec has been consistently partnering with product vendors worldwide to manage the process of security certifications and validations, including FIPS 140-2, Common Criteria and the DoDIN APL.
About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 26 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy (NIAAP), NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
See a larger list of the clients we have helped navigate the process of security certifications here!
In addition to helping companies reduce risk, increase financial returns and improve branding, Corsec’s approach to Certification can help companies:
- Shorten time to market and eliminate the impact of missed financials
- Assure its customers that its product has been independently tested and Validated
- Access to untapped markets which have certifications as barriers to entry
- Create a competitive advantage
Looking towards the 2016 Fed buying cycle? Schedule your assessment today to develop a path forward for your product.