Feds certify lab to test security apps

NIAP CC Evaluation and Validation Scheme home page

The government has certified CygnaCom Solutions Inc.'s Security Evaluation Laboratory to test information security software to assure users that security products perform the functions that vendors claim.

The laboratory accreditation, announced Aug. 14, comes from the National Infrastructure Assurance Partnership, a collaboration of the National Institute of Standards and Technology and the National Security Agency. The partnership oversees the certification of laboratories and the testing of products under the Common Criteria Evaluation and Validation Program, an international standard that experts are encouraging civilian agencies to consider when purchasing security products.

The CygnaCom laboratory is accredited under the NIST National Voluntary Laboratory Accreditation Program to perform testing for the first four levels of evaluation assurance available under the Common Criteria scheme.

National security agencies are already required to give preference to products that have been accredited under the Common Criteria program. NIST issued a set of draft guidelines in March suggesting that civilian agencies also give preference to products that have been accredited under the program.

"Use of products with an appropriate degree of assurance contributes to security and assurance of the system as a whole and thus should be an important factor in IT procurement decisions," the draft stated.

NIST is collecting comments, and final guidelines are due later this year.

A full list of Common Criteria testing laboratories is due soon on the NIAP Common Criteria site.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected