Imperva SecureSphere Achieves Common Criteria Certification

Common Criteria certification, or ISO 15408, is recognized as the gold standard by which U.S. government organizations, international government entities, and global enterprises evaluate and select IT security products

April 22, 2009

3 Min Read


REDWOOD SHORES, Calif. --(Business Wire)-- Apr 21, 2009 Imperva', the data security leader, today announced that SecureSphere v6.0 has achieved Common Criteria Certification at Evaluation Assurance Level 2 (EAL 2). In stringent testing conducted by the Science Applications International Corporation (SAIC) Common Criteria Testing Laboratory (CCTL) in the United States, SecureSphere proved that it meets the exacting requirements of the world's leading standard for assessing the reliability, quality, and trustworthiness of IT products. Imperva is demonstrating SecureSphere during the RSA Conference this week at booth 417.

Common Criteria certification, or ISO 15408, is recognized as the gold standard by which U.S. government organizations, international government entities, and global enterprises evaluate and select IT security products. Internationally, Common Criteria validation is accepted through the Common Criteria Recognition Arrangement (CCRA) and products with certification carry an unbiased, third-party validation of their functional capabilities and an assurance that they meet strict IT security, reliability, and quality standards.

This certification assures government organizations and businesses of SecureSphere's capabilities to maintain data integrity, prevent fraud, abuse, and data theft, and achieve compliance with a myriad of regulations including PCI DSS and SOX. The Imperva Common Criteria certificate is posted online at:

"Imperva SecureSphere is the first web application firewall and database activity monitoring solution to achieve Common Criteria certification," said Amichai Shulman, CTO of Imperva. "Common Criteria is a requirement for IT products among the world's most security conscious organizations " including government agencies, the military, critical infrastructure providers, etc. This certification is recognized around the globe, and will open important new markets for us."

About SecureSphere

The award-winning and modular SecureSphere Data Security Suite of products integrates risk management that spans the entire data security spectrum - discovery, assessment, scoring, monitoring, protection and audit. This allows customers to identify and remediate latent threats before they lead to breaches or regulatory compliance failures. SecureSphere is the industry's only complete business-critical data security and compliance solution that provides full visibility into data usage by the end-user, through the application and into the database.

About the Common Criteria Evaluation

The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have established a national program, the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) for the evaluation of information technology internationally. During the course of an evaluation, the Validation Body provides technical guidance to those testing laboratories, validates the results of IT security evaluations for conformance to the Common Criteria, and serves as an interface to other nations for the recognition of such evaluations. The Validation Body assesses the results of a security evaluation conducted and when appropriate, issues a Common Criteria certificate. The certificate, together with its associated validation report, confirms that an IT product has been evaluated at an accredited laboratory using the Common Evaluation Methodology for conformance to the Common Criteria.

About Imperva

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world's leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights