Telos Achieves Common Criteria Certification for Xacta IA Manager

Jan. 27, 2005
Company's IT security risk management solution becomes first to be certified by NIAP Common Criteria Evaluation Program

ASHBURN, Va. - Telos Corporation announced that the company's flagship information technology (IT) security management solution, Xacta IA Manager has been validated by National Information Assurance Partnership (NIAP) for conformance to the Common Criteria for Information Technology Security Evaluation. Reinforcing Telos' position as the leading supplier of government-validated secure enterprise solutions, Xacta IA Manager is the first risk management and regulatory compliance product to be certified by the Common Criteria Evaluation and Validation Scheme process.

Xacta IA Manager was accepted into the formal evaluation phase of Common Criteria testing on Feb. 19, 2004. CygnaCom Solutions conducted the Evaluation Assurance Level 2 (EAL2) testing efforts in its Security Evaluation Laboratory (SEL). CygnaCom Solutions' Common Criteria Testing Laboratory (CCTL) is accredited by National Voluntary Laboratory Assessment Program (NVLAP) and approved by NIAP to conduct security evaluations. CygnaCom Solutions' SEL performs Common Criteria evaluations in accordance with NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) policy and procedures.

Xacta IA Manager offers risk and compliance assessment methodologies with wizard-driven templates that streamline and simplify U.S. government certification and accreditation (C&A) processes, as well as similar processes for commercial firms in regulated and non-regulated industries. Xacta IA Manager is deployed at hundreds of federal civilian and Department of Defense agencies, as well as over two dozen financial institutions.

Telos submitted Xacta IA Manager for Common Criteria evaluation in compliance with National Security Telecommunications and Information Systems Security Policy (NSTISSP) No. 11 regulation. This regulation requires security-related products to be subjected to a standardized evaluation process if the products are integrated within national security systems.