SAN CARLOS, Calif. — April 1, 2014 — MarkLogic Corporation, the leading Enterprise NoSQL database platform company, today announced that MarkLogic Server 6.0-4 has earned Common Criteria Certification through independent testing conducted by Leidos, formerly SAIC. MarkLogic Server 6.0-4 has been validated in accordance with the provisions of the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS) for IT Security, one of the nation’s most exceptional IT security certification programs. This certification further enhances MarkLogic as the only commercial NoSQL database management system (DBMS) vendor with a NIAP Common Criteria evaluation.
Common Criteria is an internationally recognized International Standards Organization standard (ISO/IEC 15408) used by governments and other organizations to assess the security capabilities of technology products. Under the Common Criteria, products are evaluated according to strict standards for various features, such as security functionality and the handling of security vulnerabilities. Common Criteria gives customers more confidence in the security of technology products and helps lead to more informed decisions.
MarkLogic Server 6.0-4 earned an EAL2 with ALC_FLR.3 certification, which means the product meets all stated security functional requirements as well as remediation process requirements for potential vulnerabilities. This certification also evaluates the developer’s checks for vulnerabilities, the development environmental controls and the product’s configuration management, with independent verification of the developer’s testing results. MarkLogic Server 6.0-4 is now officially validated to support six top CCEVS security functions identified by the NIAP: Security Audit, User Data Protection, Identification and Authentication, Security Management, Protection of the TSF Data, and TOE Access.
“Security is a critical capability for an enterprise database management system. MarkLogic has sophisticated and granular role-based security features, as well as capabilities that facilitate secure deployment. This certification provides independent, third-party validation and demonstrates that these security capabilities meet rigorous security standards,” said David Gorbet, vice president of engineering, MarkLogic. “Security-conscious customers, such as the U.S. federal government and many financial institutions, require Common Criteria Certification as a determining factor in purchasing decisions. We are pleased to have achieved this level of certification as it assures our customers worldwide and across every industry that their trusted information is secure with MarkLogic.”
The certification process, conducted by engineers from the science and technology solutions leader Leidos, formerly SAIC, included detailed analysis of the database security and cryptographic features of MarkLogic Server 6.0-4 as well as thorough documentation of the design and Quality Assurance (QA) processes.
For more information, please visit: niap-ccevs.org/st/vid10507.
To learn more about the MarkLogic Enterprise NoSQL database platform attend MarkLogic World 2014 being held April 7-9 in San Francisco. For more information or to register and meet with experts, attend sessions covering semantics, elasticity, tiered storage and more, please visit https://www.marklogic.com/world/.
The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have established a program under the National Information Assurance Partnership (NIAP) to evaluate IT product conformance to international standards. The program, officially known as the NIAP Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS) is a partnership between the public and private sectors. The program helps consumers select commercial off-the-shelf information technology (IT) products that meet their security requirements while enabling manufacturers of those products to gain acceptance in the global marketplace.
Leidos is a science and technology solutions leader working to address some of the world’s toughest challenges in national security, health and engineering. The Company’s 23,000 employees support vital missions for our government and the commercial sector, develop innovative solutions to drive better outcomes, and defend our nation’s digital and physical infrastructure from ‘new world’ threats. Leidos is headquartered in Reston, Va. For more information, visit https://www.leidos.com/.