Pivot3 Achieving Common Criteria Certification for HCI Software

Pivot3, Inc. achieved Common Criteria Assurance Continuity certification for its Acuity 10.6 hyperconverged infrastructure (HCI) software platform.

Pivot3 is a HCI vendor with Common Criteria certification of a native-NVMe solution with policy-based management to automate data protection, security and workload performance. This provides government and enterprise customers with capabilities to meet security standards across the edge, core and cloud.

Data is being created and processed outside of datacenters and the cloud. Because of this, government agencies and other regulated industries are incorporating edge strategies into their initiatives to support the management of distributed data and infrastructure.

“As more data is generated beyond the datacenter, federal customers require infrastructure solutions with the intelligence necessary to process and analyze across the edge, core and cloud – but without compromising security,” said Ben Bolles, VP of product, Pivot3. “The Common Criteria certification is considered the gold standard for security, providing Pivot3’s customers with the confidence in knowing that their most mission-critical environments are protected and secure.“

Common Criteria is an internationally recognized set of guidelines (International Organization for Standardization 15408), which define a common framework for evaluating security features and capabilities of IT security products. This certification assures both government and private-sector organizations that Pivot3 provides the infrastructure necessary to mitigate emerging threats without compromising security, resilience and manageability at scale. The company had previously attained Common Criteria certification on its prior gen software platform.

The Common Criteria certification process consists of several evaluation assurance levels, each one more stringent than the last, with product security testing performed by accredited independent, third-party laboratories. This evaluation is recognized by over 28 participating countries, and others who follow the Common Criteria program unofficially such as the European Union.

The US government – as well as many other governments around the world  – mandate Common Criteria certification of security products for purchases. All US federal agencies are required to purchase commercial products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory. Many commercial organizations also require Common Criteria certification for infrastructure and software solutions due to the certification’s intense security standards.

Corsec Security, Inc., in product security requirements hardening, assisted Pivot3 with its Common Criteria evaluation and helped streamline the certification effort.

“Government agencies face new challenges as they seek to keep up with the growing complexity of IT while protecting vs. ever-increasing security threats,” said Matthew Appler, CEO, Corsec Security. “Pivot3’s achievement of the Common Criteria certification on the latest gen of its Acuity software platform brings a powerful range of new capabilities to this market, providing agencies with the intelligent solutions needed to serve citizens and protect our nation’s infrastructure.“