Feds certify lab to test security apps
The government has certified CygnaCom Solutions Inc.'s Security Evaluation Laboratory to test information security software to assure users that security products perform the functions that vendors claim.
NIAP CC Evaluation and Validation Scheme home page
The government has certified CygnaCom Solutions Inc.'s Security Evaluation Laboratory to test information security software to assure users that security products perform the functions that vendors claim.
The laboratory accreditation, announced Aug. 14, comes from the National Infrastructure Assurance Partnership, a collaboration of the National Institute of Standards and Technology and the National Security Agency. The partnership oversees the certification of laboratories and the testing of products under the Common Criteria Evaluation and Validation Program, an international standard that experts are encouraging civilian agencies to consider when purchasing security products.
The CygnaCom laboratory is accredited under the NIST National Voluntary Laboratory Accreditation Program to perform testing for the first four levels of evaluation assurance available under the Common Criteria scheme.
National security agencies are already required to give preference to products that have been accredited under the Common Criteria program. NIST issued a set of draft guidelines in March suggesting that civilian agencies also give preference to products that have been accredited under the program.
"Use of products with an appropriate degree of assurance contributes to security and assurance of the system as a whole and thus should be an important factor in IT procurement decisions," the draft stated.
NIST is collecting comments, and final guidelines are due later this year.
A full list of Common Criteria testing laboratories is due soon on the NIAP Common Criteria site.
NEXT STORY: N.J. millions to fuel tech work force