NIAP: NIAP Home Page
NIAP/CCEVS Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 


  • PP-Module for VPN Clients (VPN), Version 2.2 Published!

     

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for VPN Clients (VPN), Version 2.2.

    This updated version resolves numerous inconsistencies and conflicts for evaluations of standalone VPN applications (e.g VPN Client PP-Module with the Application Software PP as its Base-PP).  Specifically, the update...

    Read More

  • See the NIAP Third Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

    Read the report here.

  • New Scheme Policy Letter #28 Published

    NIAP has issued Policy Letter #28, Use of evaluated Dedicated Security Components (DSCs) in Common Criteria Evaluation and Validation Scheme (CCEVS) evaluations.  Please review and contact NIAP with any questions.

  • PP-Module for Enterprise Session Controller (ESC), Version 1.0 Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for Enterprise Session Controller (ESC), Version 1.0. 

    Changes were limited to converting the ESC Extended Package to PP-...

    Read More

  • NIAP publishes the Protection Profile Module for VVoIP, Version 1.0

    NIAP has published the PP-Module for Voice and Video over IP (VVoIP), Version 1.0, its Supporting Document, and a PP-Configuration to the NIAP-Approved PP List.  Products may now be evaluated against the PP-Configuration for Application Software and Voice/Video over IP
    (VVoIP) Endpoints, Version 1.0, dated 28 October 2020. Changes were limited to converting the VVOIP Extended Package to PP-Module format for use with the current versions of the Base-PPs (APP v1.3) and (NDcPP v2.2e) and incorporating all appl...

    Read More

  • PP-Modules for EDR and EDR Host Agent Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to a...

    Read More

  • Want more news?

    Check out all the announcements online or...

    subscribe.













  Focus Areas

Industry
 
U.S. Government
 
International Partners
  Events


Site Map              Contact Us