Common Criteria is an international standard for evaluating and certifying the security features and capabilities of information technology products. The system under review is verified as meeting a set of standards, which allows a quick comparison of the available security features based on what the developer states are in place. When reviewing the results of a Common Criteria certification, it is important to consider how the test environment was set up and how the software under review was configured. In most instances the CC certification process uses a different configuration than what comes out-of-the-box from the manufacturer.

Applicability:

  • Validates products based on deep analysis, especially regarding how software operates in specific environments.
  • Formerly used EAL levels, now transitioning to protection profiles.
  • Not applicable to cloud-based products due to abstraction.

URL: Common Criteria