What is Common Criteria?
The Common Criteria Recognition Arrangement (CCRA) is an international agreement that defines criteria for specifying and evaluating the security of information technology products. Published under the aegis of CCRA, the Common Criteria for Information Technology Security Evaluation (CC) and related specifications define product profiles, security features, and testing criteria. Each CCRA signatory is represented by a national agency concerned with IT security; the United States is represented by the National Information Assurance Partnership (NIAP, https://www.niap-ccevs.org/). These agencies approve evaluation laboratories,1 which test IT products and issue certificates of compliance with criteria specific to classes of products. Under the CCRA, signatory nations agree in principle to recognize each others’ certifications, so CC compliance is effectively an international IT product security certification.
As of January 15th 2021, FlashArray //x running Purity 5.3 is Common Criteria Certified.