UC APL

The UC APL has been renamed the DoDIN APL!

APL White 406x406

UC APL

The UC APL has been renamed the DoDIN APL!

UPDATE: The UC APL has been renamed the DoDIN APL – Get the latest information on being added to the new Department of Defense’s Approved Products List – DoDIN APL Page

What Was The UC APL?

The Department of Defense created the (Unified Capabilities Approved Products List) in 2011 to identify solutions that were tested and trusted to address government security concerns.
The UC APL represents the agency’s master list of products available for purchase that are secure, trusted, and approved for deployment within the DoD’s technology infrastructure. Over the years, the UC APL has been referred to by many names, including JITC Testing, STIG Testing, STIGing, and more.

The Standard           The Essentials           The Process

The Standard: UC APL

Listing on the UC APL is required for all products that are implemented into the technology infrastructure of the U.S. DoD by mandate DoDI 8100.04 and fulfills Risk Management Framework (RMF) CS/IA testing requirements.
U.S. government procurement for products that are on the DoD network is limited to only those solutions that have completed the UC APL process.

The Essentials: Security Requirements

To complete the listing process for the UC APL, companies must pass certain requirements for product testing as well as program support. These requirements include:
Product Testing & Requirements
  • Cryptography
  • Information Assurance
  • CAC/PKI
  • IPv6
  • UCR (2013) Requirements
  • CS Testing
  • SAR Testing
  • IO Testing
Program Support
  • Sponsor
  • Submission Package
  • Tracking Number
  • Initial Contact Meeting
  • DoD Testing Facility
As part of your listing, your product must complete the FIPS 140-2 Requirements as well as Requirements for Common Criteria. These requirements include documentation and testing in areas such as cryptography, entropy, information assurance, interoperability, and more.
In some cases these certifications and validations can be done simultaneously, leveraging lessons learned, best practises, and testing from one another.

The Process: Done Once, Done Right

Corsec’s Three-Step Methodology helps to decrease risk, increase security, and accelerate sales; guaranteeing listing success – Done Once, Done Right!

Assess

An Assessment of Your Company & Product to Identify an Efficient Listing Path

Enhance

Design Consulting to Harden Your Product Against DoDIN APL Requirements

Validate

End-to-End Support to Guide You Through The Entire Listing Process

Assess

An Assessment of Your Company & Product to Identify the Most Efficient Path to Listing

Enhance

Design Consulting to Harden Your Product Against DoDIN APL Requirements

Validate

End-to-End Support to Guide You Through The Entire Listing Process
Determining the appropriate approach for your UC APL listing is essential; depending on your product, the path you pursue, your STIGS, and the engineering changes required, your path to listing could alter greatly.

Have Questions? Talk To An Expert