|  |
webMethods Earns Common Criteria Certification for IT Security
webMethods, Inc., business integration and optimization software company, announced that the company's flagship product suite, webMethods Fabric(TM), has received Evaluation Assurance Level 2 (EAL 2) Certification from the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme Validation Body. Certification followed a rigorous testing procedure, which was independently conducted by CygnaCom Solutions' Security Evaluation Laboratory over a six-month period.
The Common Criteria is a globally recognized ISO standard 15408 for assessing the security features and capabilities of information technology products with NIAP administering the program within the United States for the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA). The Common Criteria is accepted by a number of organizations internationally as a definitive standard for guaranteeing that the integrity and security architecture of a technology have been thoroughly tested and validated by an accredited, third-party source. In the United States, for example, the National Security Telecommunications and Information Systems Security Policy #11 stipulates that departments and agencies within the Executive Branch, such as the Department of Defense, may only employ within national security systems Common Criteria certified technology.
"Common Criteria certification is a widely-used benchmark attesting to the suitability of technology for today's most demanding requirements," said Jeremy Epstein, senior director, product security, webMethods, Inc. "With our impressive heritage in meeting these types of requirements, there should be little surprise that webMethods Fabric was the first integration product suite to earn this important designation. In addition to delivering the highest levels of secure performance, the flexibility and adaptability inherent within webMethods Fabric makes it the ideal platform for process management and business integration within mission-critical operations."
Incorporating previously developed Canadian, European and U.S. standards, the Common Criteria is a collaborative commitment between 22 signatory nations to create and maintain a universal evaluation methodology acceptable on a global basis for IT security. The Common Criteria is somewhat unique in evaluating both the IT security functionality as well as the underlying assurance measures that verify that the claimed IT security functionality is effective and has been implemented correctly. Features typically evaluated include support for auditing, cryptography, communications, data protection, identification and authentication, and overall security management. Certification follows a multi-stage testing process designed to assess the security of the overall architecture and its execution within the evaluated technology.
With significant strengths in sectors like energy, financial services, government and telecommunications, webMethods' customers have long benefited from the robust scalability and standards-based architecture offered by webMethods Fabric. These customers include several of the world's largest banks and government organizations, such well-known public entities as the United States Department of Defense, United States Internal Revenue Service and members of the United States Intelligence community. webMethods Fabric provides them with an integrated product suite for integrating, assembling and optimizing end-to-end business processes within a service-oriented architecture.
"Common Criteria certification is a rigorous process that imposes extensive requirements for documentation and testing of a product's security functionality," said Kristina Rogers, Director, CygnaCom Solutions' Security Evaluation Laboratory. "By undergoing this process, webMethods can provide prospective clients with proof that the security features of webMethods Fabric have been tested against rigorous and widely recognized security criteria."
The NIAP maintains a list of currently certified technologies, which may be reviewed by visiting http://niap.nist.gov/cc-scheme/vpl/vpl_type.html 14.12.2005, webMethods, Inc.
Subscribe to the newsletter | | |
| | | |
