Red Hat JBoss Enterprise Application Platform 7.2 Achieves Common Criteria Certification

Achievement exemplifies Red Hat's ongoing dedication to providing top solutions for regulated industries


Red Hat, Inc., the world's leading provider of open source solutions, today announced Red Hat JBoss Enterprise Application Platform (JBoss EAP) 7.2 has been awarded Common Criteria Certification at Evaluation Assurance Level (EAL) 4+ by the Italian Common Criteria scheme Organismo di Certificazione della Sicurezza Informatica (OCSI). The certification provides government agencies, financial institutions, and customers in other security-sensitive and regulated environments the assurance and confidence that JBoss EAP 7.2 meets government security standards.
This achievement demonstrates Red Hat’s industry leadership in technology and security. This is the third time JBoss EAP has achieved Common Criteria certification. In 2015, JBoss EAP 6.2 also achieved recognition at the EAL4+ assurance level. Red Hat’s latest certification will be recognized by all countries under the Common Criteria Recognition Arrangement (CCRA) at Evaluation Assurance Level 2 since there is no generally agreed criteria for higher assurance levels.


We are proud to continue to be Red Hat's laboratory of choice for evaluating its products for Common Criteria Certification. The completion of this certification for JBoss Enterprise Application Platform 7.2 means that the product meets rigorous security standards at the EAL 4+.”

Kenneth Hake

Common Criteria laboratory manager, atsec U.S.

The Common Criteria is an internationally recognized set of standards used by the federal government and organizations to assess the security and assurance of technology offerings. EAL categorizes the depth and rigor of the evaluation, and EAL4+ assures consumers that the software has been methodically designed, tested, and reviewed to meet the evaluation criteria.
Red Hat worked with atsec information security, a government accredited laboratory in the United States, Germany, Sweden, Singapore and Italy to complete the certification. atsec tested and validated the security, performance and reliability of the solution against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) at EAL4+.

Supporting Quotes

Paul Smith, senior vice president and general manager, Public Sector, Red Hat
"We're exceptionally proud that Red Hat JBoss Enterprise Application Platform again has achieved the the Common Criteria Certification. It is important that our customers know they are getting the highest standard of security when they use JBoss EAP,  especially those in highly regulated industries. Common Criteria accreditation is a rigorous security standard and means customers can confidently trust Red Hat with sensitive applications, services and data. Repeatedly achieving this accreditation is a key value of the Red Hat subscription, and one that differentiates enterprise-class open source, and proves our on-going dedication to providing top solutions to security-conscious customers.”  

Kenneth Hake, Common Criteria laboratory manager, atsec U.S.
"We are proud to continue to be Red Hat's laboratory of choice for evaluating its products for Common Criteria Certification. The completion of this certification for JBoss Enterprise Application Platform 7.2 means that the product meets rigorous security standards at the EAL 4+. The evaluation included the security functionality of Access Control, Role-based Access Control, Audit, Clustering, Identification and Authentication, and Transaction Rollback within the scope."

Additional Resources

Connect with Red Hat


  • About Red Hat
  • Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.

  • Forward-Looking Statements
  • Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to the ability of the Company to compete effectively; the ability to deliver and stimulate demand for new products and technological innovations on a timely basis; delays or reductions in information technology spending; the integration of acquisitions and the ability to market successfully acquired technologies and products; risks related to errors or defects in our offerings and third-party products upon which our offerings depend; risks related to the security of our offerings and other data security vulnerabilities; fluctuations in exchange rates; changes in and a dependence on key personnel; the effects of industry consolidation; uncertainty and adverse results in litigation and related settlements; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; the ability to meet financial and operational challenges encountered in our international operations; and ineffective management of, and control over, the Company's growth and international operations, as well as other factors. In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company's views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company's views as of any date subsequent to the date of this press release.


    Red Hat, the Red Hat logo and JBoss are trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries in the U.S. and other countries. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.