What Was The UC APL?
The Department of Defense created the (Unified Capabilities Approved Products List) in 2011 to identify solutions that were tested and trusted to address government security concerns.
The UC APL represents the agency’s master list of products available for purchase that are secure, trusted, and approved for deployment within the DoD’s technology infrastructure. Over the years, the UC APL has been referred to by many names, including JITC Testing, STIG Testing, STIGing, and more.
The Standard The Essentials The Process
The Standard: UC APL
Listing on the UC APL is required for all products that are implemented into the technology infrastructure of the U.S. DoD by mandate DoDI 8100.04 and fulfills Risk Management Framework (RMF) CS/IA testing requirements.
U.S. government procurement for products that are on the DoD network is limited to only those solutions that have completed the UC APL process.
The Essentials: Security Requirements
To complete the listing process for the UC APL, companies must pass certain requirements for product testing as well as program support. These requirements include:
Product Testing & Requirements
- Information Assurance
- UCR (2013) Requirements
- CS Testing
- SAR Testing
- IO Testing
- Submission Package
- Tracking Number
- Initial Contact Meeting
- DoD Testing Facility