NIAP: NIAP Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 

  • NIAP endorses and publishes the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3

    NIAP has endorsed the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3 and published the cPP-Module and Supporting Documents to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the PP-Configuration for Network Device and Stateful Traffic Filter Firewalls, Version 1.3, dated 27 September 2019 and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This PP-Module replaces th...

    Read More

  • The Configuration Annex for the collaborative Protection Profile for Stateful Traffic Filter Firewall Version 2.0 + Errata (cpp_fw_2.0e) has been published to the NIAP Protection Profile website. This Annex is consistent with [CNSSI-1253], which requires US National Security Systems to adhere to certain configuration parameters.

  • PP-Module for SSL/TLS Inspection Proxy v1.0 Published!

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for SSL/TLS Inspection Proxy. This PP-Module describes the security functionality of SSL/TLS Inspection Proxy and defines functional and assurance requirements for such products. This PP-Module is intended to specify the functionality of a network device that includes limited Certification Authority (CA) functionality to issue certificates for the purpos...

    Read More

  • See the NIAP Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

    Read the report here.

  • Want more news?

    Check out all the announcements online or...


  Focus Areas

U.S. Government
International Partners

Site Map              Contact Us