Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

NIAP Common Criteria Certification

twham
New Member
‎04-23-2014 09:36 AM

I see that Splunk v4.1.7 is EAL2+ certified by NIAP. Does that mean that only that version is certified or that every version after v4.1.7 carries the NIAP EAL2+ certification?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

lukejadamec
Super Champion
‎04-23-2014 09:59 AM

The NIAP CC certification is for a specific version and configuration (security target) for a certain level of protection (protection profile). Deviations from the version or configuration render the EAL N/A, but it does make it easier to recertify.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

tchimento_splun
Splunk Employee
Splunk Employee
‎03-27-2017 12:39 PM

I am happy to say that the Splunk Enterprise 6.4.5 evaluation has been posted on NIAP’s Product Compliant List (PCL).

The posting can be found at the following URL:
https://www.niap-ccevs.org/Product/Compliant.cfm?pid=10807

Reply
Solved! Jump to solution

twham
New Member
‎04-23-2014 10:10 AM

Are there any plans to certify Splunk v6.0.3 or do I have to use v4.1.7 to meet customer EAL requirements? Is Splunk v4.1.7 a supported version?

0 Karma
Reply
Solved! Jump to solution
Solution

lukejadamec
Super Champion
‎04-23-2014 09:59 AM

The NIAP CC certification is for a specific version and configuration (security target) for a certain level of protection (protection profile). Deviations from the version or configuration render the EAL N/A, but it does make it easier to recertify.

0 Karma
Reply
Solved! Jump to solution

twham
New Member
‎04-23-2014 10:30 AM

Excellent...thanks!

0 Karma
Reply
Solved! Jump to solution

lukejadamec
Super Champion
‎04-23-2014 10:20 AM

I did a quick scan of the certification documentation, and it does specify that the system owner will perform due diligence in applying patches to the TOE (Splunk) and the operating environment. If you had a good lawyer, you could argue that this would include upgrading the version if the upgrades included security vulnerability fixes. You should read the certification documentation to verify that the latest version can be configured accordingly, and present those findings to the customer.

0 Karma
Reply
Get Updates on the Splunk Community!

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...