Requirements for security certifications and validations vary depending on the markets you are targeting for your product.

Companies assume that if they only want to sell their products within the U.S., they should pursue certifications domestically. However, this is not always the case, and doing so could add a significant amount of time and product development to your project.

There are certifications recognized worldwide that can be pursued in order to achieve the same outcomes. Each vendor’s unique situation needs to be thoroughly evaluated to determine the best route forward.

Products sold into the U.S. federal government are required to complete FIPS 140-2 validation if they use cryptography in security systems that process sensitive but unclassified information.


The U.S. Federal Government, International Governments, and highly regulated industries around the globe require Common Criteria to prove high levels of information assurance,


If you intend to do business with the U.S. DoD and your product is implemented in the technology infrastructure, you must complete the listing process for the DoDIN APL.



Corsec has worked on hundreds of products, ranging from space-based artificial satellites to next generation firewalls. We stay up to date and research all changes to products and technologies so that we can proactively understand potential challenges and roadblocks to achieving certification. To see more of the over 425 products we have worked on Download Corsec’s Line Card:

Corsec Line Card