Feds certify lab to test security apps

NIAP CC Evaluation and Validation Scheme home page

The government has certified CygnaCom Solutions Inc.'s Security Evaluation Laboratory to test information security software to assure users that security products perform the functions that vendors claim.

The laboratory accreditation, announced Aug. 14, comes from the National Infrastructure Assurance Partnership, a collaboration of the National Institute of Standards and Technology and the National Security Agency. The partnership oversees the certification of laboratories and the testing of products under the Common Criteria Evaluation and Validation Program, an international standard that experts are encouraging civilian agencies to consider when purchasing security products.

The CygnaCom laboratory is accredited under the NIST National Voluntary Laboratory Accreditation Program to perform testing for the first four levels of evaluation assurance available under the Common Criteria scheme.

National security agencies are already required to give preference to products that have been accredited under the Common Criteria program. NIST issued a set of draft guidelines in March suggesting that civilian agencies also give preference to products that have been accredited under the program.

"Use of products with an appropriate degree of assurance contributes to security and assurance of the system as a whole and thus should be an important factor in IT procurement decisions," the draft stated.

NIST is collecting comments, and final guidelines are due later this year.

A full list of Common Criteria testing laboratories is due soon on the NIAP Common Criteria site.


  • Defense
    DOD photo by Senior Airman Perry Aston  11th Wing Public Affairs

    How DOD's executive exodus could affect tech modernization

    Back-to-back resignations raise concerns about how things will be run without permanent leadership in key areas from policy to tech development.

  • Budget
    cybersecurity (vs148/Shutterstock.com)

    House's DHS funding bill would create public-private cyber center

    The legislation would give $2.25 billion to DHS' cyber wing and set up an integrated cybersecurity center with other agencies, state and local governments and private industry.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.