DoDIN APL
Get your solution added to the Department of Defense’s Approved Products List

DoDIN APL
Get your solution added to the Department of Defense’s Approved Products List
What Is The DoDIN APL?
The Department of Defense created the Department of Defense Information Network Approved Products List (DoDIN APL) in 2011 to identify solutions that were tested and trusted to address government security concerns.
The DoDIN APL represents the agency’s master list of products available for purchase that are secure, trusted, and approved for deployment within the DoD’s technology infrastructure. Over the years, the DoDIN APL has been referred to by many names, including the UC APL (Unified Capabilities Approved Products List), JITC and STIG Testing, and more.
The Standard The Essentials The Process
The Standard: DoDIN APL
Listing on the DoDIN APL is required for all products that are implemented into the technology infrastructure of the U.S. DoD by mandate DoDI 8100.04 and fulfills Risk Management Framework (RMF) CS/IA testing requirements.
U.S. government procurement for products that are on the DoD network is limited to only those solutions that have completed the DoDIN APL process.
The DoDIN APL has been referred to by many names, including the UC APL (Unified Capabilities Approved Products List), JITC and STIG Testing, and more.
The Essentials: Security Requirements
To complete the listing process for the DoDIN APL, companies must pass certain requirements for product testing as well as program support. These requirements include:
Product Testing & Requirements
- Cryptography
- Information Assurance
- CAC/PKI
- IPv6
- UCR (2013) Requirements
- CS Testing
- SAR Testing
- IO Testing
Program Support
- Sponsor
- Submission Package
- Tracking Number
- Initial Contact Meeting
- DoD Testing Facility
As part of your listing, your product must complete the FIPS 140-2 Requirements as well as Requirements for Common Criteria. These requirements include documentation and testing in areas such as cryptography, entropy, information assurance, interoperability, and more.
In some cases these certifications and validations can be done simultaneously, leveraging lessons learned, best practises, and testing from one another.
The Process: Done Once, Done Right
Corsec’s Three-Step Methodology helps to decrease risk, increase security, and accelerate sales; guaranteeing listing success – Done Once, Done Right!
Determining the appropriate approach for your DoDIN APL listing is essential; depending on your product, the path you pursue, your STIGS, and the engineering changes required, your path to listing could alter greatly.
STAY INFORMED
Stay up to date on certification & industry news. Subscribe to our emails
CONTACT US
Not sure where to start? Set up a free consultation with our team of experts