New Delhi, India, April 17, 2015: Red Hat, the world’s leading provider of open source solutions, has announced Red Hat JBoss Enterprise Application Platform 6.2 has been awarded the Common Criteria Certification at Evaluation Assurance Level (EAL) 4+ – the highest level of assurance for a commercial middleware platform. This certification provides government agencies, financial institutions, and customers in other security-sensitive environments the assurance that Red Hat JBoss Enterprise Application Platform 6.2 meets government security standards.
Achieving the Common Criteria Certification for JBoss Enterprise Application Platform 6.2 supports Red Hat’s reputation as an industry leader in technology and showcases the company’s ongoing commitment to security. In 2012, JBoss Enterprise Application Platform 5.1.0 and 5.1.1 also achieved Common Criteria certification at the EAL4+ assurance level.
The Common Criteria is an internationally recognized set of standards used by the federal government and organizations to assess the security and assurance of technology products. EAL categorizes the depth and rigor of the evaluation, and EAL4+ assures consumers that the software has been methodically designed, tested, and reviewed to meet the evaluation criteria.
As with past Common Criteria certifications, Red Hat worked with atsec information security, a government accredited laboratory in the United States and Germany. atsec tested and validated the security, performance and reliability of the solution against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) at EAL4+.
Paul Smith, vice president and general manager, Public Sector, Red Hat, said, “We’re exceptionally proud that Red Hat JBoss Enterprise Application Platform has, once again, been granted Common Criteria Certification. It’s an important distinction that tells our customers that when they use Red Hat JBoss Enterprise Application Platform they’re using a Java EE server that’s highly secure. In short, they have the confidence that comes from knowing that their sensitive applications, services and data is on a platform that meets these rigorous security standards. Common Criteria accreditation is a high water mark for security standards. It is a non trivial effort in terms of labor and economic investment, and is part of the value of the Red Hat subscription that differentiates enterprise-class open source from the projects from which they are derived.”