Corsec would like to congratulate our partner Ivanti; the company that helps transform IT operations through patch and asset management and IT service delivery and security, on completing the Common Criteria certification process under an Evaluation Assurance Level (EAL) 2+ for the Shavlik U.S. Federal Protect Standard v9.2 Update 3. Ivanti’s participation in the Common Criteria evaluation process emphasizes the company’s commitment to product security. The process was completed under the Canadian scheme, with all documentation publicly available here.
“The U.S. Federal Protect Standard v9.2 Update 3 provides patch management, asset inventory, scripts for IT management and Information Assurance Vulnerability Alert (IAVA) reporting. These functions combine to provide a centralized and consistent IT management solution that supports efforts to keep all machines up-to-date and protected from vulnerabilities.”
Common Criteria, which is also an ISO standard (ISO 15408), is an internationally recognized set of guidelines which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last, with product security testing performed by independent third-party accredited laboratories. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 27 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU.
The U.S. government mandates Common Criteria certification of security products for federal purchases. Through the NSTISSP No. 11, federal agencies are required to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
Common Criteria also helps to address the newly developed guidance directed by the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. For more information on this order and how Ivanti and other companies are helping to meet the cyber security requirements of today’s markets, continue your reading here.
About Ivanti
“Ivanti focuses on enabling organizations to gain control of service delivery, simplify service management processes, acquire real-time visibility across their services and infrastructure, and orchestrate the interactions of people, process, and technology for optimum service performance.”
For further information, please visit www.ivanti.com
About Corsec Security
Corsec partners with companies worldwide to manage the IT security certification and validation process. Their approach mitigates the risks associated with certifications and security validations. They accelerate go-to-market readiness, improve brand reputation in the marketplace and significantly increase financial returns for clients.
For further information, please visit sitdev.corsec.com
Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – Subscribe