Corsec would like to congratulate our partner, CyberArk Software Ltd., on completing the Common Criteria certification process for their Privileged Access Security Solution (PAS). PAS helps government organizations prevent the theft, abuse, and misuse of privileged credentials in advanced cyber attacks, while better containing threats, and limiting damage.
The PAS solution was awarded the Common Criteria certification through the U.S. scheme under a NIAP Approved Protection Profile. All certification details are now available for review within the Security Target and their certificate has been posted. To see a complete listing of all Common Criteria certified products, click here.
CyberArk’s partner in this endeavor was Corsec Security, Inc., helping to design, document, test, and manage the process alongside CyberArk’s award winning team. “By completing this Common Criteria certification, government organizations and regulated industries around the globe now have access to a third party tested and trusted Privileged Access Management solution” said Jake Nelson, Director of Marketing at Corsec Security, Inc. “CyberArk’s dedication to providing customers and end users with the most scrutinized and highly tested security solutions continues with this recent certification.”
For more information on engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.
About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 31 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates Common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
CyberArk is a global leader in privileged access management, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets.
For further information, please visit their website at www.cyberark.com
About Corsec Security, Inc.
For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2, Common Criteria (CC) and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.
Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – Subscribe