CyberArk Achieves NIAP Common Criteria Certification

October 30, 2019

CyberArk Extends Common Criteria Certifications; Delivers Industry’s Broadest Portfolio of Global NIAP-Certified Privileged Access Management Solutions

NEWTON, Mass. – October 30, 2019 – CyberArk (NASDAQ: CYBR), the global leader in privileged access management, today announced it achieved international Common Criteria certification by the National Information Association Partnership (NIAP).

The Common Criteria certification validates that the CyberArk Privileged Access Security Solution meets strict security requirements for U.S. National Security System (NSS) procurement.  This certification is also used globally, by organizations in 31 member countries, to assess security solutions.

This acknowledgement from NIAP extends the list of CyberArk solutions that have achieved Common Criteria certification. CyberArk holds the industry’s most comprehensive set of privileged access management government certifications. The CyberArk solution was previously awarded an Evaluation Assurance Level (EAL) 2+ under the Common Criteria Recognition Agreement (CCRA). CyberArk is also included on the U.S. Department of Defense Information Network Approved Products List (DoDIN APL) and the U.S. Army Certificate of Networthiness (CoN) under the Cybersecurity Tools (CST) device type (Tracking Number (TN) 1712401). CyberArk helps federal agencies meet compliance requirements including FISMA/NIST SP 800-53, Phase 2 of the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) program, NERC-CIP, HSPD-12 and more.

“Government agencies and other organizations in highly regulated industries are embracing digital transformation to improve efficiency and service delivery. However, those investments in areas like cloud and DevOps can dramatically expand the attack surface, making these organizations prime targets for cyber attackers,” said Adam Bosnian, executive vice president, CyberArk. “This latest Common Criteria certification makes it easier for organizations to adopt the world’s leading privileged access management solution to reduce security risk and improve compliance.”

Governed by ISO/IEC standards bodies, the Common Criteria certification is the most widely recognized international evaluation standard for security in IT products and the U.S. government mandates Common Criteria certification for federal NSS purchases. Evaluations are conducted by approved independent licensed laboratories using certified evaluators. Virginia-based Corsec Security was CyberArk’s strategic advisor in this certification process.

According to a recent study, 78% of public sector respondents said their organization prioritized cyber security, yet nearly half believed that attackers can get into their network each time they try, and 68% admit their organization is susceptible to carefully crafted attacks. With the most damaging cyber attacks involving some level of privileged access, CyberArk helps government organizations better secure their critical infrastructure, reduce risk and protect against attackers and malicious insiders.

CyberArk delivers the most comprehensive solution for eliminating the advanced cyber threats by identifying existing privileged credentials across networks and managing and monitoring those credentials to reduce risk and improve security and compliance. By utilizing advanced analytics and continuous monitoring, CyberArk detects and isolates anomalous behavior and stops in-process attacks including those perpetrated through external attackers or malicious insiders.

To learn more visit:

About CyberArk                                                                                                         
CyberArk (NASDAQ: CYBR) is the global leader in privileged access management, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. CyberArk’s dedicated team based in Washington, D.C. helps Federal agencies meet today’s challenging security and compliance requirements. A global company, CyberArk’s U.S. headquarters is in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.

# # #