OPSWAT Announces Common Criteria Certification

What is Common Criteria Certification?

The Common Criteria (CC) is a framework which defines guidelines for evaluating security features and capabilities of IT security products internationally. This is frequently used to understand and classify the security standards of products deployed by Government organizations. Due to the huge diversity in security products and their functionality, this program’s goal is to create a common set of rules and standards to align and assess all of them. Security products, which have undergone successful testing and evaluation, are awarded Common Criteria certification. There are 2 types of certification: Protection Profile (PP) and Evaluation Assurance Level (EAL). The product or system that is the subject of the evaluation is called Target of Evaluation (TOE).


For TOEs that fit into a predefined category (e.g. firewall), there are predefined Security Functional Requirements (SFRs) and tests to evaluate the product. However, if the TOE isn't a fit for either of the predefined profiles, then an EAL certification is in order. As part of the EAL, the vendor will define the functional requirements and can focus the scope of the project on what is considered relevant in the TOE.

Why is this important for OPSWAT MetaDefender?

Our mission at OPSWAT is to protect critical infrastructures, and Government entities are a major focus. OPSWAT MetaDefender Core and MetaDefender Kiosk have both seen tremendous success in Critical Infrastructure Protection worldwide, even without Common Criteria certification. This is a clear sign of our customers’ confidence in OPSWAT as a brand and in the value that our products bring to these organizations.

However, in some countries, regulations require government agencies to purchase only commercial security products with third party assurance certificates (CC is the most prevalent). Also, in some industries, CC Certification is a specific security assurance requirement. To support our global customers’ needs, we decided to invest in getting the CC certification.

Why is this important for OPSWAT customers?

CC Certification assures that the products you deploy comply with the agreed-upon security standards. We believe this will facilitate our customers’ evaluating and purchasing procedure. By skipping additional reviews and questionnaires, you can focus on what's important: the product and the value that it brings.

Certification Success

OPSWAT MetaDefender Core and MetaDefender Kiosk successfully passed all the validation steps in the CC evaluation process. We are happy to announce that as of March 3rd, 2021, we have achieved Common Criteria EAL2+ enabling us to continue delivering on our commitment to our customers.



Copy of the CCRA Certificate.
For details, please read the Certification Report.

Useful Links:

For more information, please contact one of our critical infrastructure cybersecurity experts.

Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.