CyberArk, the global leader in privileged access management, announced it achieved international Common Criteria certification by the National Information Association Partnership (NIAP).
The Common Criteria certification validates that the CyberArk Privileged Access Security Solution meets strict security requirements for U.S. National Security System (NSS) procurement. This certification is also used globally, by organizations in 31 member countries, to assess security solutions.
This acknowledgement from NIAP extends the list of CyberArk solutions that have achieved Common Criteria certification. CyberArk holds the industry’s most comprehensive set of privileged access management government certifications.
Most recently, the CyberArk solution was awarded a Common Criteria certification accepted by the Common Criteria Recognition Agreement (CCRA) under an Evaluation Assurance Level (EAL) 2+.
CyberArk is also included on the U.S. Department of Defense Information Network Approved Products List (DoDIN APL) and the U.S. Army Certificate of Networthiness (CoN) under the Cybersecurity Tools (CST) device type (Tracking Number (TN) 1712401).
CyberArk helps federal agencies meet compliance requirements including FISMA/NIST SP 800-53, Phase 2 of the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) program, NERC-CIP, HSPD-12 and more.
“Government agencies and other organizations in highly regulated industries are embracing digital transformation to improve efficiency and service delivery. However, those investments in areas like cloud and DevOps can dramatically expand the attack surface, making these organizations prime targets for cyber attackers,” said Adam Bosnian, executive vice president, CyberArk.
“This latest Common Criteria certification makes it easier for organizations to adopt the world’s leading privileged access management solution to reduce security risk and improve compliance.”
Governed by ISO/IEC standards bodies, the Common Criteria certification is the most widely recognized international evaluation standard for security in IT products and the U.S. government mandates Common Criteria certification for federal NSS purchases.
Evaluations are conducted by approved independent licensed laboratories using certified evaluators. Virginia-based Corsec Security was CyberArk’s strategic advisor in this certification process.
According to a recent study, 78% of public sector respondents said their organization prioritized cybersecurity, yet nearly half believed that attackers can get into their network each time they try, and 68% admit their organization is susceptible to carefully crafted attacks.
With the most damaging cyber attacks involving some level of privileged access, CyberArk helps government organizations better secure their critical infrastructure, reduce risk and protect against attackers and malicious insiders.
CyberArk delivers the most comprehensive solution for eliminating advanced cyber threats by identifying existing privileged credentials across networks and managing and monitoring those credentials to reduce risk and improve security and compliance.
By utilizing advanced analytics and continuous monitoring, CyberArk detects and isolates anomalous behavior and stops in-process attacks including those perpetrated through external attackers or malicious insiders.