NIAP: NIAP Home Page
NIAP/CCEVS Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 


  • NIAP Policy #5 amd Policy #5 Frequently Asked Questions Updated

    NIAP CCEVS Policy #5: "Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Valida...

    Read More

  • NIAP publishes the Protection Profile Module for VPN Gateways, Version 1.0

    NIAP has published the Protection Profile Module for VPN Gateways, Version 1.0, its Supporting Document, and PP-Configuration to the NIAP-Approved PP List.  Products may now be evaluated against the PP-Configuration for Network Device and Virtual Private Network (VPN) Gateways, Version 1.0, dated 22 November 2019. Changes were limited to converting the VPN Gateway Extended Package to PP-Module format for use with NDcPP 2.1 and incorporating all applicable Technical Decisions. Therefore, the Extended Package...

    Read More

  • See the NIAP Third Quarter Progress Report   to learn about recent NIAP accomplishments and activities, and upcoming releases.

    Read the report here.

  • NIAP endorses and publishes the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3

    NIAP has endorsed the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3 and published the cPP-Module and Supporting Documents to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the PP-Configuration for Network Device and Stateful Traffic Filter Firewalls, Version 1.3, dated 27 September 2019 and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This PP-Module replaces th...

    Read More

  • The Configuration Annex for the collaborative Protection Profile for Stateful Traffic Filter Firewall Version 2.0 + Errata (cpp_fw_2.0e) has been published to the NIAP Protection Profile website. This Annex is consistent with [CNSSI-1253], which requires US National Security Systems to adhere to certain configuration parameters.

  • Want more news?

    Check out all the announcements online or...

    subscribe.













  Focus Areas

Industry
 
U.S. Government
 
International Partners
  Events


Site Map              Contact Us