Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What is the difference between NIAP CCEVS evaluated products and NSA approved products?

Approved ccevs evaluated NIAP NSA products
0
Posted

What is the difference between NIAP CCEVS evaluated products and NSA approved products?

0 CommentsAdd a Comment

1 Answer

0

Products found on the NIAP Validated Products List (VPL) have been tested and shown to meet the security requirements articulated in their associated security targets. Residing on the VPL, by itself, is not grounds for NSA or NIST endorsement of the product. It is only an acknowledgement that the product’s security claims have been tested using a Common Evaluation Methodology and that those claims have been shown to be true to a certain level of confidence (i.e., It does not make a statement that the claims that were made were indeed the right ones to make.) However, some products on the NIAP VPL will be approved by NSA. Specifically, products that meet one of NSA’s approved Protection Profiles that have been written for various technologies (e.g., operating systems, firewalls) fall into this category. The NIAP Validated Products List clearly annotates those products that are compliant to NSA approved Protection Profiles. In addition to products that meet approved NSA protection profil

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123