Red Hat JBoss EAP 7.2 Achieves Common Criteria Certification
Open Source Press Release

Red Hat JBoss EAP 7.2 Achieves Common Criteria Certification

Red Hat announced Red Hat JBoss Enterprise Application Platform (JBoss EAP) 7.2 has been awarded Common Criteria Certification at Evaluation Assurance Level (EAL) 4+ by the Italian Common Criteria scheme Organismo di Certificazione della Sicurezza Informatica (OCSI).

The certification provides government agencies, financial institutions, and customers in other security-sensitive and regulated environments the assurance and confidence that Red Hat JBoss EAP 7.2 meets government security standards.

This achievement demonstrates Red Hat’s industry leadership in technology and security. This is the third time JBoss EAP has achieved Common Criteria certification. In 2015, JBoss EAP 6.2 also achieved recognition at the EAL4+ assurance level. Red Hat’s latest certification will be recognized by all countries under the Common Criteria Recognition Arrangement (CCRA) at Evaluation Assurance Level 2 since there is no generally agreed criteria for higher assurance levels.

The Common Criteria is an internationally recognized set of standards used by the federal government and organizations to assess the security and assurance of technology offerings. EAL categorizes the depth and rigor of the evaluation, and EAL4+ assures consumers that the software has been methodically designed, tested, and reviewed to meet the evaluation criteria.


Red Hat partnering with Atsec

Red Hat worked with Atsec information security, a government accredited laboratory in the United States, Germany, Sweden, Singapore and Italy to complete the certification. Atsec tested and validated the security, performance and reliability of the solution against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) at EAL4+.

Paul Smith, senior vice president and general manager, Public Sector, Red Hat, said, “We’re exceptionally proud that Red Hat JBoss Enterprise Application Platform again has achieved the Common Criteria Certification. It is important that our customers know they are getting the highest standard of security when they use JBoss EAP,  especially those in highly regulated industries. Common Criteria accreditation is a rigorous security standard and means customers can confidently trust Red Hat with sensitive applications, services and data. Repeatedly achieving this accreditation is a key value of the Red Hat subscription, and one that differentiates enterprise-class open source, and proves our on-going dedication to providing top solutions to security-conscious customers.”

Kenneth Hake, Common Criteria laboratory manager, Atsec U.S., added, “We are proud to continue to be Red Hat’s laboratory of choice for evaluating its products for Common Criteria Certification. The completion of this certification for JBoss Enterprise Application Platform 7.2 means that the product meets rigorous security standards at the EAL 4+. The evaluation included the security functionality of Access Control, Role-based Access Control, Audit, Clustering, Identification and Authentication, and Transaction Rollback within the scope.”

Red Hat

About the author

E-3 Magazine

Articles published through E-3 Magazine International. This includes press releases by our partners as well as articles and reports from the E-3 team of journalists.

Add Comment

Click here to post a comment

Social Media

Sign up for e3zine´s biweekly newsbites

Please do not use administrative mail adresses like "noreply@..", "admin@.." or similar as these may get blocked for security reasons.

We use rapidmail for dispatching our newsletter. By signing up, you agree that the data you have entered will be transmitted to rapidmail. Please take note of their terms and conditions and privacy policy. terms and conditions .

Our Authors