Corsec would like to congratulate our partner, Pivot3, on completing the Common Criteria certification process under an Evaluation Assurance Level (EAL) 2+ for its vSTAC OS v7.5 hyperconverged infrastructure software platform. Pivot3’s participation in the Common Criteria evaluation process emphasizes the company’s commitment to product security.
“The vSTAC delivers up to 94% usable storage capacity at scale, and consumes only a fraction of the operating overhead compared to other HCI platforms. Pivot3 allows IT to do more with less with a unique distributed scale-out architecture that pools each HCI node’s compute and storage capacity for consumption by every VM and application. Pivot3’s patented erasure coding provides the high availability and resiliency to maintain business performance even during degraded-mode conditions. vSTAC provides interoperability with existing infrastructures, which lets IT organizations run the customized, non-virtualized applications common in large government agencies with the same agility and economics as virtual workloads.
Common Criteria, which is also an ISO standard (ISO 15408), is an internationally recognized set of guidelines which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last, with product security testing performed by independent third-party accredited laboratories. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 27 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU.
The U.S. government mandates Common Criteria certification of security products for federal purchases. Through the NSTISSP No. 11, federal agencies are required to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
“Common Criteria Certification is testament to Pivot3’s commitment and adherence to U.S. and international government standards on product security, as well as compliance to the recent Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, which requires completion of the Common Criteria certification”, Darcy Dinga, executive vice president, Corsec Security.
“Pivot3 improves the simplicity and economics of the enterprise datacenter with industry-leading hyperconverged infrastructure technology. By combining storage, compute, and networking on commodity hardware, Pivot3’s software-defined platforms let IT run multiple, mixed workloads on a single infrastructure while guaranteeing performance to the applications that matter most. Pivot3’s agile infrastructure solutions extend performance, scale and efficiency across more of the datacenter so organizations can adapt to modern business demands. With over 2,000 customers in 54 countries, and 18,000 deployments in multiple industries such as healthcare, government, transportation, security, entertainment, education, gaming and retail, Pivot3 is redefining HCI with smarter infrastructure solutions.”
About Corsec Security
Corsec partners with companies worldwide to manage the IT security certification and validation process. Their approach mitigates the risks associated with certifications and security validations. They accelerate go-to-market readiness, improve brand reputation in the marketplace and significantly increase financial returns for clients.