IT Evaluation & Assessment
Common Criteria Evaluation
Consult our experts. We are happy to support you.
The Common Criteria (CC), also known as ISO 15408, is an internationally recognized standard used to specify and assess the security of IT products. It is used by governments and other organizations to confirm the security functionality of information technology products. The CC standard defines a set of criteria by which a product’s security aspects – for example, the development environment, security functionality, and handling of security vulnerabilities – can be meaningfully evaluated.
What atsec offers:
atsec operates under Common Criteria evaluation schemes in Germany, the USA, Sweden, Italy, and in Singapore. The certificates from these countries are recognized in more than 30 countries, and details for atsec’s accreditation and approvals can be found on our certificates page.
Certification authorities:
More information:
Why our services are important to you:
atsec is one of the most experienced evaluation labs in the world, with more than 20 years of experience in the field of security evaluations. Members of atsec have been heavily involved in the development of the German and European information security criteria that were the basis for the Common Criteria, and atsec is involved in the further development of the Common Criteria to this day.
With hundreds of CC evaluations of various information security products completed – including large, complex software systems like operating systems, databases, firewalls, mobile devices, and printing systems of renowned manufacturers – atsec provides both trusted and thorough testing services.
Downloads:
Further information for your journey to certification.
Common Criteria evaluations performed by atsec:
Still have questions?
Can’t find what you’re looking for? Let’s talk!
Security Content Automation Protocol (SCAP)
The Security Content Automation Protocol (SCAP) combines a number of open standards to provide a resource that enables the automation and standardization of technical security operations.
Open Trusted Technology Provider Standard Services
The Open Trusted Technology Provider Standard (O-TTPS) is a collaborative initiative that seeks to prevent tainting and counterfeiting in the global supply chain for COTS information and communication technology.
Medical Devices IEEE 2621
The IEEE Medical Device Cybersecurity Certification Program has been developed by the IEEE 2621 Conformity Assessment Committee (CAC) to provide certification for wireless diabetes devices.
The Information Security Provider
Read Our Latest Blog Articles
Learn the latest and greatest about information security. You’ll find insights and analyses of recent developments in technology and policy on our blog.
-
Strengthening IoT Security: The Role of SESIP Certification
SESIP is an important standard for IoT security, and atsec is now an approved laboratory for SESIP assessments.
-
ICMC 2024 Update
We enjoyed seeing our colleagues at ICMC24, and have updated this year’s animation with Stephan’s opening remarks.
-
The NCCoE’s Automation of the CMVP
The NCCoE presented an update for the Automated CMVP at ICMC 2024 – we have a bit more detail on atsec’s involvement!