Sensage ACHIEVES IN EVALUATION PROCESS STATUS FOR COMMON CRITERIA GOVERNMENT STANDARD
Sensage Event Data Warehouse Undergoes Rigorous Evaluation Mandated for National Security Systems
SAN FRANCISCO, October 27, 2009 - Sensage, Inc. today announced that the Sensage Event Data Warehouse Private Encryption File System is officially in evaluation for an EAL2+ certification under the Common Criteria international security standard. Common Criteria evaluation of security products is mandated for commercial information security products purchased by the U.S. government for use in national security systems. Sensage's participation in this process illustrates the company's commitment to providing the highest quality assurance to its customers.
"Government agency data volumes are growing rapidly and the requirements for complex analytics are becoming more and more important to meet regulatory and compliance requirements," said Bruno Kurtic, vice president of product management for Sensage. "Common Criteria certification provides validation to government agencies that Sensage solutions have been rigorously evaluated and tested."
The Communications Security Establishment Canada (CSEC)'s Common Criteria Evaluation and Certification Scheme (CCS) is an internationally recognized set of guidelines (ISO 15408) which define a common framework for evaluating security features and capabilities of information technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact which was designed to allow all evaluations up to an evaluation assurance level (EAL) 4 to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 26 countries involved in the CCRA, including the U.S. and Canadian governments, with others following unofficially such as the European Union.
"Common Criteria validation of Sensage provides users with a high degree of security, assurance and dependability," said Jamie Sanbower, director of security solutions at Force3. "We are excited to partner with Sensage to deliver event data warehouse solutions to government agencies that enable them to make better business decisions and increase efficiency and performance."
Common Criteria certification of security products is mandated by the U.S. government for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products which have met specified third-party assurance requirements and have been tested by an accredited national laboratory. The In Process listing can be viewed at http://www.cse-cst.gc.ca/its-sti/services/cc/oe-pece-eng.html.
"The Common Criteria validation process thoroughly evaluates the security capabilities of information technology vendors, and only well designed and proven products are able to pass," said Matthew Appler, CEO and co-founder of Corsec Security, Inc., a consulting firm with over 11 years of validation experience. "Sensage solutions meet the stringent evaluation assurance levels required to achieve Common Criteria certification."
About Sensage
Sensage, Inc. offers patented event data warehouse solutions that provide actionable results from massive amounts of log and event data. More than 400 customers have deployed Sensage solutions to reduce security, fraud and compliance risks at a fraction of the cost of traditional data warehouses and log management solutions. Based in San Francisco, the company markets its solutions directly and through partners, including Cerner, EMC, HP, Hitachi Data Systems, McAfee, Tokyo Electron Device and many others. Visit www.Sensage.com for more information.
About Corsec Security, Inc.
Corsec Security, Inc. specializes in helping companies navigate through the complex process of receiving FIPS 140-2 and Common Criteria (CC) certifications. Corsec's consulting, document creation, and project management services deliver unmatched expertise in achieving government validation efforts at a firm, fixed price. Corsec partners with companies around the world to achieve local and international certification and to add security functionality to a wide range of products. Corsec minimizes the time, effort and money a vendor needs to invest in validation while ultimately maximizing the return on that investment. For further information, please visit www.corsec.com.
PR Contacts
Julia Sinykin
The Hoffman Agency for Sensage, Inc.
(508) 329-3319
jsinykin@hoffman.com
Bob Schoettle
Sensage, Inc.
(415) 808-5917
bob.schoettle@Sensage.com
