April 1, 2014 13:00 UTC

MarkLogic® Server 6.0-4 Earns Common Criteria Security Certification

Award-Winning Product Is the Only NoSQL Database Platform with NIAP Common Criteria Certification

SAN CARLOS, Calif.--(BUSINESS WIRE)-- MarkLogic Corporation, the leading Enterprise NoSQL database platform company, today announced that MarkLogic Server 6.0-4 has earned Common Criteria Certification through independent testing conducted by Leidos, formerly SAIC. MarkLogic Server 6.0-4 has been validated in accordance with the provisions of the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS) for IT Security, one of the nation’s most exceptional IT security certification programs. This certification further enhances MarkLogic as the only commercial NoSQL database management system (DBMS) vendor with a NIAP Common Criteria evaluation.

Common Criteria is an internationally recognized International Standards Organization standard (ISO/IEC 15408) used by governments and other organizations to assess the security capabilities of technology products. Under the Common Criteria, products are evaluated according to strict standards for various features, such as security functionality and the handling of security vulnerabilities. Common Criteria gives customers more confidence in the security of technology products and helps lead to more informed decisions.

MarkLogic Server 6.0-4 earned an EAL2 with ALC_FLR.3 certification, which means the product meets all stated security functional requirements as well as remediation process requirements for potential vulnerabilities. This certification also evaluates the developer’s checks for vulnerabilities, the development environmental controls and the product’s configuration management, with independent verification of the developer’s testing results. MarkLogic Server 6.0-4 is now officially validated to support six top CCEVS security functions identified by the NIAP: Security Audit, User Data Protection, Identification and Authentication, Security Management, Protection of the TSF Data, and TOE Access.

“Security is a critical capability for an enterprise database management system. MarkLogic has sophisticated and granular role-based security features, as well as capabilities that facilitate secure deployment. This certification provides independent, third-party validation and demonstrates that these security capabilities meet rigorous security standards,” said David Gorbet, vice president of engineering, MarkLogic. “Security-conscious customers, such as the U.S. federal government and many financial institutions, require Common Criteria Certification as a determining factor in purchasing decisions. We are pleased to have achieved this level of certification as it assures our customers worldwide and across every industry that their trusted information is secure with MarkLogic.”

The certification process, conducted by engineers from the science and technology solutions leader Leidos, formerly SAIC, included detailed analysis of the database security and cryptographic features of MarkLogic Server 6.0-4 as well as thorough documentation of the design and Quality Assurance (QA) processes.

For more information, please visit: niap-ccevs.org/st/vid10507.

To learn more about MarkLogic Enterprise NoSQL database platform attend MarkLogic World 2014 being held April 7-9 in San Francisco. For more information or to register and meet with experts, and attend sessions covering semantics, elasticity, tiered storage and more, please visit world.marklogic.com.

About NIAP and CCEVS

The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have established a program under the National Information Assurance Partnership (NIAP) to evaluate IT product conformance to international standards. The program, officially known as the NIAP Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS), is a partnership between the public and private sectors. The program helps consumers select commercial off-the-shelf information technology (IT) products that meet their security requirements while enabling manufacturers of those products to gain acceptance in the global marketplace.

About Leidos

Leidos is a science and technology solutions leader working to address some of the world's toughest challenges in national security, health and engineering. The Company's 23,000 employees support vital missions for our government and the commercial sector, develop innovative solutions to drive better outcomes, and defend our nation's digital and physical infrastructure from 'new world' threats. Leidos is headquartered in Reston, Va. For more information, visit www.Leidos.com.

About MarkLogic

For more than a decade, MarkLogic has delivered a powerful, agile and trusted Enterprise NoSQL database platform that enables organizations to turn all data into valuable and actionable information. Organizations around the world rely on MarkLogic’s enterprise-grade technology to power the new generation of information applications. MarkLogic is headquartered in Silicon Valley with offices in Chicago, Frankfurt, London, New York, Tokyo, Utrecht and Washington D.C. For more information, please visit www.marklogic.com.

MarkLogic is a registered trademark of MarkLogic Corporation in the United States and/or other countries.

*All other trademarks mentioned are the property of their respective owners.

Contacts

MarkLogic Corporation:
Renee Reyes, +1 650.287.2537
renee.reyes@marklogic.com
or
ANW Networks (US):
Alicia V. Nieva-Woodgate, +1 415.515.0866
alicia@anwnetworks.com
or
Melissa Hourigan, +1 720.988.3856
melissa@anwnetworks.com
or
ANW Networks (UK):
Tatiana Miller, +44 (0) 7787 128215
tatiana@anwnetworks.com
or
Rachel Postlethwaite, + 44 (0) 7949 883636
rachel@anwnetworks.com


Source: MarkLogic Corporation