Today, with atsec information security, we announced that JBoss Enterprise Application Platform, v4.3 is currently ‘In Evaluation’ for Common Criteria certification at Evaluation Assurance Level (EAL)2+ (augmented for flaw remediation).
This is an important announcement on many levels. It represents the first major milestone since we announced our intent to pursue additional Common Criteria certifications in Nov. 2007. Beyond this, many U.S. federal government agencies and private-sector companies use Common Criteria evaluations as a benchmark to make informed security decisions when evaluating solutions. Why? Products are evaluated by independent labs under Common Criteria’s stringent and lengthy testing requirements, giving customers an impartial assessment of the product’s ability to meet specific security requirements. Outside of the U.S., dozens of nations now recognize Common Criteria certifications, agreeing that the evaluations "contribute significantly to confidence in the security of those products." Because Common Criteria is a recognized international standard, it gives private-sector customers with worldwide operations confidence that the products they purchase will meet local security standards.
The announcement also reinforces our commitment to IT security. We’ve long been known for our pursuit of additional security certifications. Red Hat Enterprise Linux is one of the most certified operating systems available. Outside of the JBoss Enterprise Application Platform, we’re not aware of any other open source application server that’s been able to reach this status.
If you want to learn more about our extensive history with Common Criteria certifications, check out our Certifications and Accreditations page.