DoDIN APL

Get your solution added to the Department of Defense’s Approved Products List

APL White 406x406

DoDIN APL

Get your solution added to the Department of Defense’s Approved Products List

What Is The DoDIN APL?

The Department of Defense created the Department of Defense Information Network Approved Products List (DoDIN APL) in 2011 to identify solutions that were tested and trusted to address government security concerns.
The DoDIN APL represents the agency’s master list of products available for purchase that are secure, trusted, and approved for deployment within the DoD’s technology infrastructure. Over the years, the DoDIN APL has been referred to by many names, including the UC APL (Unified Capabilities Approved Products List), JITC and STIG Testing, and more.

The Standard: DoDIN APL

Listing on the DoDIN APL is required for all products that are implemented into the technology infrastructure of the U.S. DoD by mandate DoDI 8100.04 and fulfills Risk Management Framework (RMF) CS/IA testing requirements.
U.S. government procurement for products that are on the DoD network is limited to only those solutions that have completed the DoDIN APL process.
The DoDIN APL has been referred to by many names, including the UC APL (Unified Capabilities Approved Products List), JITC and STIG Testing, and more.

The Essentials: Security Requirements

To complete the listing process for the DoDIN APL, companies must pass certain requirements for product testing as well as program support. These requirements include:
Product Testing & Requirements
  • Cryptography
  • Information Assurance
  • CAC/PKI
  • IPv6
  • UCR (2013) Requirements
  • CS Testing
  • SAR Testing
  • IO Testing
Program Support
  • Sponsor
  • Submission Package
  • Tracking Number
  • Initial Contact Meeting
  • DoD Testing Facility
As part of your listing, your product must complete the FIPS 140-2 Requirements as well as Requirements for Common Criteria. These requirements include documentation and testing in areas such as cryptography, entropy, information assurance, interoperability, and more.
In some cases these certifications and validations can be done simultaneously, leveraging lessons learned, best practises, and testing from one another.

The Process: Done Once, Done Right

Corsec’s Three-Step Methodology helps to decrease risk, increase security, and accelerate sales; guaranteeing listing success – Done Once, Done Right!

Corsec Assess for FIPS 140-2. Common Criteria, and the DoDIN APL

Assess

An Assessment of Your Company & Product to Identify an Efficient Listing Path

Corsec Enhance for FIPS 140-2. Common Criteria, and the DoDIN APL

Enhance

Design Consulting to Harden Your Product Against DoDIN APL Requirements

Corsec Validate for FIPS 140-2. Common Criteria, and the DoDIN APL

Validate

End-to-End Support to Guide You Through The Entire Listing Process

Corsec Assess for FIPS 140-2. Common Criteria, and the DoDIN APL

Assess

An Assessment of Your Company & Product to Identify the Most Efficient Path to Listing

Corsec Enhance for FIPS 140-2. Common Criteria, and the DoDIN APL

Enhance

Design Consulting to Harden Your Product Against DoDIN APL Requirements

Corsec Validate for FIPS 140-2. Common Criteria, and the DoDIN APL

Validate

End-to-End Support to Guide You Through The Entire Listing Process
Determining the appropriate approach for your DoDIN APL listing is essential; depending on your product, the path you pursue, your STIGS, and the engineering changes required, your path to listing could alter greatly.

Have Questions? Talk To An Expert