Security

NIAP Common Criteria Certification

New Member

I see that Splunk v4.1.7 is EAL2+ certified by NIAP. Does that mean that only that version is certified or that every version after v4.1.7 carries the NIAP EAL2+ certification?

0 Karma
1 Solution

Super Champion

The NIAP CC certification is for a specific version and configuration (security target) for a certain level of protection (protection profile). Deviations from the version or configuration render the EAL N/A, but it does make it easier to recertify.

View solution in original post

0 Karma

Splunk Employee
Splunk Employee

I am happy to say that the Splunk Enterprise 6.4.5 evaluation has been posted on NIAP’s Product Compliant List (PCL).

The posting can be found at the following URL:
https://www.niap-ccevs.org/Product/Compliant.cfm?pid=10807

New Member

Are there any plans to certify Splunk v6.0.3 or do I have to use v4.1.7 to meet customer EAL requirements? Is Splunk v4.1.7 a supported version?

0 Karma

Super Champion

The NIAP CC certification is for a specific version and configuration (security target) for a certain level of protection (protection profile). Deviations from the version or configuration render the EAL N/A, but it does make it easier to recertify.

View solution in original post

0 Karma

New Member

Excellent...thanks!

0 Karma

Super Champion

I did a quick scan of the certification documentation, and it does specify that the system owner will perform due diligence in applying patches to the TOE (Splunk) and the operating environment. If you had a good lawyer, you could argue that this would include upgrading the version if the upgrades included security vulnerability fixes. You should read the certification documentation to verify that the latest version can be configured accordingly, and present those findings to the customer.

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!