Choose the right Common Criteria (CC) evaluation – EAL or PP - to get access to new markets and provide trusted assurances on your product’s security features. Our global network of accredited CC-laboratories provide a faster and hassle-free route to Common Criteria Certification, including NIAP-listing and SOG-IS Technical Domains.
Common Criteria (ISO/IEC 15408) is an international standard for evaluating and certifying the security of IT products and systems. It ensures that security features and capabilities are rigorously tested and verified, providing a trusted basis for assessing product security.
Common Criteria defines seven Evaluation Assurance Levels (EALs), ranging from EAL1 (basic assurance) to EAL7 (highest assurance). Each level involves progressively more thorough testing and evaluation, ensuring that products meet specific security requirements appropriate to their use cases.
The Common Criteria certification process ensures that IT products meet stringent security standards through a structured evaluation and testing approach.
Our labs are accredited by the Spanish, Canadian, and US Certification Bodies. Our CC certificates open market access to Europe and North America, and have worldwide recognition.
Evaluate your product following industry-recognized Protection Profiles. Give your customers an easy way to understand, compare, and trust your product's security features.
Tailor your Common Criteria evaluation to your market needs, with EAL-based evaluations. We have extensive experience evaluating products with high assurance, up to EAL6+
Our labs have developed innovative frameworks (CCToolBox and Greenlight) to speed up the certification process thanks to key automation milestones, such as CC testing and specific CC documentation generation, evaluation, and validation.
Get your product listed in the NIAP-compliant list, required for any product intended to be used in the US National Security Systems.
Obtain an extra layer of confidence and market recognition in your CC certificate, with SOG-IS recognition, the European MRA for high assurance evaluations on Smart Cards and Security Boxes Technical Domains.
We collaborate with organisations such as ENISA or the SCCG to define future cybersecurity schemes, such as EUCC and 5G.
A Common Criteria methodology certificate is the most globally accepted security credential. CC provides well-defined assurances on your product's security claims, boosting confidence in your end-clients, and setting your product apart from similar, non-certified competitors.
Being listed in the NIAP or the CC website could be a pre-requisite if you wish to participate in tenders from public agencies and large customers (Banks, Telecom Operators, etc.).
We are proud to be an accredited CC lab for more than 15 years. Our trajectory and expertise have led us to certify dozens of products, many with high assurance evaluations. Our labs in Barcelona and Madrid are accredited by the Spanish Certification Body (CCN), and qualified for the European MRA (SOG-IS).
Since 2022, two young and fast-growing laboratories have joined our ranks. Lightship Security is a Canadian company accredited for the Common Criteria Canadian (CCCS) and US (NIAP) schemes. jtsec is a Spanish CC-accredited lab, highly involved in the development of new security schemes at a European and international level. We also have technical offices in Shanghai and Seoul to provide local support for our customers in the area.
Applus+ uses first-party and third-party cookies for analytical purposes and to show you personalized advertising based on a profile drawn up based on your browsing habits (eg. visited websites). You can accept all cookies by pressing the "Accept" button or configure or reject their use. Consult our Cookies Policy for more information.
They allow the operation of the website, loading media content and its security. See the cookies we store in our Cookies Policy.
They allow us to know how you interact with the website, the number of visits in the different sections and to create statistics to improve our business practices. See the cookies we store in our Cookies Policy.