Security

In Splunk 6.4, I noticed server.conf.spec has reference to Common Criteria mode. Does Splunk support that yet?

Ellen
Splunk Employee
Splunk Employee

Splunk Enterprise 6.4 release shows some .conf.spec files (eg. server.conf, authentication.conf ...) that has references to Common Criteria mode for some of the attributes.

Is Splunk 6.4 NIAP certified yet and supported?

1 Solution

Ellen
Splunk Employee
Splunk Employee

Splunk has submitted Splunk Enterprise 6.4.0 for Common Criteria evaluation.

Until we are common criteria certified we do not recommend nor support configuring Splunk Enterprise in common criteria mode.

This can also be referenced in the Splunk documentation: About securing Splunk Enterprise

View solution in original post

tchimento_splun
Splunk Employee
Splunk Employee

I am happy to say that the Splunk Enterprise 6.4.5 evaluation has been posted on NIAP’s Product Compliant List (PCL).

The posting can be found at the following URL:
https://www.niap-ccevs.org/Product/Compliant.cfm?pid=10807

0 Karma

tchimento_splun
Splunk Employee
Splunk Employee

When we are officially accepted by NIAP to start the CC certification evaluation, it will be posted to the NIAP website: https://www.niap-ccevs.org/Product/PINE.cfm

dchoi_splunk
Splunk Employee
Splunk Employee

Has there been any progress for the CC certification since then

0 Karma

dchoi_splunk
Splunk Employee
Splunk Employee

How CC certification evaluation goes? Has Splunk Enterprise 6.4.0 got the certification?
It's gone away from NIAP website

0 Karma

tchimento_splun
Splunk Employee
Splunk Employee

We have submitted to NIAP and are awaiting their response. Once accepted we will schedule the testing.

0 Karma

Ellen
Splunk Employee
Splunk Employee

Splunk has submitted Splunk Enterprise 6.4.0 for Common Criteria evaluation.

Until we are common criteria certified we do not recommend nor support configuring Splunk Enterprise in common criteria mode.

This can also be referenced in the Splunk documentation: About securing Splunk Enterprise

doksu
SplunkTrust
SplunkTrust

Is the Protection Profile report available?

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) v3.54.0

The Splunk Threat Research Team (STRT) recently released Enterprise Security Content Update (ESCU) v3.54.0 and ...

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...