Security

NIAP Common Criteria Certification

twham
New Member

I see that Splunk v4.1.7 is EAL2+ certified by NIAP. Does that mean that only that version is certified or that every version after v4.1.7 carries the NIAP EAL2+ certification?

0 Karma
1 Solution

lukejadamec
Super Champion

The NIAP CC certification is for a specific version and configuration (security target) for a certain level of protection (protection profile). Deviations from the version or configuration render the EAL N/A, but it does make it easier to recertify.

View solution in original post

0 Karma

tchimento_splun
Splunk Employee
Splunk Employee

I am happy to say that the Splunk Enterprise 6.4.5 evaluation has been posted on NIAP’s Product Compliant List (PCL).

The posting can be found at the following URL:
https://www.niap-ccevs.org/Product/Compliant.cfm?pid=10807

twham
New Member

Are there any plans to certify Splunk v6.0.3 or do I have to use v4.1.7 to meet customer EAL requirements? Is Splunk v4.1.7 a supported version?

0 Karma

lukejadamec
Super Champion

The NIAP CC certification is for a specific version and configuration (security target) for a certain level of protection (protection profile). Deviations from the version or configuration render the EAL N/A, but it does make it easier to recertify.

0 Karma

twham
New Member

Excellent...thanks!

0 Karma

lukejadamec
Super Champion

I did a quick scan of the certification documentation, and it does specify that the system owner will perform due diligence in applying patches to the TOE (Splunk) and the operating environment. If you had a good lawyer, you could argue that this would include upgrading the version if the upgrades included security vulnerability fixes. You should read the certification documentation to verify that the latest version can be configured accordingly, and present those findings to the customer.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...