The Common Criteria Standard

The Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408), known as "Common Criteria," is an international standard for certifying security of computer systems, networks, and application software. Certification ensures that claims about the security attributes of the evaluated product have been independently verified in the specified, evaluated configuration and environment. The certification does not validate any security claims when the product is used outside of that evaluated configuration or environment.

Common Criteria for Secret Server

Secret Server

Secret Server releases 10.4 and later provide security features enabling users to achieve Common Criteria certification. To ensure that each parameter setting matches those evaluated and certified as secure by Common Criteria standards, follow these guidelines in their entirety.


This Common Criteria documentation is for users with administrative access to configure their organization's operational environment; knowledge of their organization’s network infrastructure and applicable policies; and responsibility for installing, configuring, and operating enterprise infrastructure for their organization.

This documentation is not updated with every Secret Server release—some releases do not affect the documentation's contents and thus do not warrant a document update.