Red Hat Blog
For our customers who work in regulated environments such as government agencies, formal security certifications are important. Red Hat has long understood the critical role these certifications play in providing confidence that our solutions meet specific security requirements, and as a result, we put our products through the internationally-recognized Common Criteria process.
We are pleased to be able to announce that the upcoming Red Hat JBoss Enterprise Application Platform (JBoss EAP) 6.2 is currently in evaluation for Common Criteria certification (certificate number BSI-DSZ-CC-0909). Undergoing the Common Criteria certification process reinforces our commitment to information technology (IT) security for public-sector customers and continues the high standards set by previous JBoss releases (JBoss EAP 4 and 5 and JBoss Data Services 5).
The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products. In the Common Criteria scheme, the Evaluation Assurance Level (EAL) represents the depth and rigor of the evaluation, giving consumers the confidence that products specified at a specific level meet the package of security assurance requirements associated with that level. JBoss EAP 6.2 will be evaluated at level 4+, the highest evaluation level for commercial software.
This certification provides government agencies, financial institutions, and customers in other security-sensitive environments reassurance that JBoss EAP 6.2 will meet or exceed their security requirements.
A list of other Red Hat products already Common Criteria Certified can be found here: http://www.redhat.com/solutions/industry/government/certifications.html#Certs.