November 18, 2010
Tenable SecurityCenter 4 management suite has advanced to the evaluation phase of NIAP Common Criteria certification
Tenable Network Security, Inc., the leader in Unified Security Monitoring™ and creator of the popular and award-winning Nessus® vulnerability scanner, today announced that it has advanced to the evaluation phase of Common Criteria certification, a security evaluation required by government procurement departments worldwide. Common Criteria certification is an international standards program managed in the U.S. by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) and is designed to help government organizations select secure commercial IT products. It is also considered valuable by potential customers in the private sector.
Tenable is working toward Common Criteria's Evaluation Assurance Level 2+ (EAL 2+) for its latest major release, SecurityCenter 4. This level of certification assures customers, in and out of government, that Tenable’s solutions have gone through a rigorous testing and analysis process and conform to IT security standards sanctioned by the International Standards Organization.
The NIAP CCEVS maintains a “Validated Products List” and a separate list of products that are “In Evaluation”. Tenable currently holds Common Criteria certification for the SecurityCenter 3 management suite. Products “in evaluation” are those security-enhanced products that are in the process of being evaluated by a NIAP CCEVS Common Criteria Testing Laboratory (CCTL) under CCEVS validation procedures and can be found on the NIAP CCEVS web site.
“Common Criteria certification is important because it provides independent, standards-based verification of the security functions delivered by Tenable’s SecurityCenter and related components,” said Ron Gula, CEO of Tenable. “Tenable is pleased to undergo this testing to provide our current and future customers the highest level of confidence that our solutions deliver on their security promises. As an added benefit, it also means that our solutions meet global security standards.”