CCguide Training Course

Subscribe to CCGuide! Learn how to write Developer Docs based on EUCC Common Criteria.

Let’s see the training course

book a free consult

The EUCC has already entered
into force

Read our blog post on How to Prepare and Apply for EUCC Certification for Your Product

Read blog post

book a free consult

IoT Guide Training Course

The definitive guide to crafting Compliant IoT Devices and high-quality developer documentation for ETSI EN 303 645 Certification.

Learn more

book a free consult

Companies who chose us

About CCLAB

Founded in 2013, CCLab Ltd. is an agile cybersecurity laboratory specializing in Common Criteria evaluations and consultations. Our cybersecurity lab has been accredited by OCSI (Certification Body of the Italian Scheme) since 2015 and BSI (Certification Body of the German Scheme) since 2022.

We have successfully executed numerous projects, with the scale and quality of evaluations consistently increasing each year.

In 2023 CClab joined the QIMA group, a global Testing, Inspection, and Certification player, operating in more than 100 countries from 60 offices and labs.

80+

successful evaluations

accreditations

months to finish an EAL 4+ evaluation

cybersecurity testing laboratories

50+

satisfied clients

Our Cybersecurity solutions

Navigate the complex landscape of cybersecurity certifications
with expert guidance

Common Criteria Evaluation

ISO 15408 Common Criteria Compliance and Certification up to EAL4+ or EAL5.

Common Criteria Consultancy

Professional support to prepare for a successful Common Criteria evaluation saves you cost and effort.

Consumer IoT (ETSI EN 303 645) Cybersecurity

Comply with ETSI EN 303 645 standards, providing guidelines and expertise for the security of consumer Internet of Things (IoT) devices.

Smart Metering Cybersecurity

Data security solutions for smart metering system components with independent verification by out certified laboratory.

Radio Equipment Directive Cybersecurity Compliance

Learn more about the Radio Equipment Directive (RED) specifying cybersecurity requirements for radio equipment sold within the EU.

UK PSTI compliance

How to get your connected device compliant with the upcoming cybersecurity regulation in the UK, the Product Security and Telecommunications Infrastructure (PSTI) Act.

Industrial Control System Security

Cybersecurity evaluation and certification of industrial automation and control system based on ISA/IEC 62443-4-1 and 62443-4-2 standards.

Cybersecurity Certification

Get your IoT, IIoT device certified after successful evaluation and testing based on ETSI 3030 645 or IEC 62443-4-1, 62443-4-2.

Download this comprehensive infographic guide, which deep dive into the key stages of the Industrial Automation and Control Systems product development lifecycle, ensuring alignment with IEC 62443 standards.

Industrial Automation and Control System Infographics

download

Unlock the full potential of your ESG software—ensure security, compliance, and a competitive edge with EUCC certification!

Protect Your ESG Software with EUCC Certification- FREE Flyer

download

Download EUCC Study 2024 for the most important and up-to-date information about the new European Union Cybersecurity Certification Scheme

EUCC Study - The New European Union Cybersecurity Certification Scheme

download

This CCGuide flyer will quickly introduce you to the benefits of CCGuide training course subscription for your team. You can be sure that you will be able to use the knowledge you have acquired here and easily pass the CC requirements.

Discover the power of CCGuide training course - FREE flyer

download

Read and learn more about Common Criteria Consultation and download our free material now.

Quick guide for Common Criteria consultation

download

Your key to unlocking simplicity in ETSI 303 645 compliance

ETSI EN 303 645 Guide training course

download

Download the PSTI Act Q&A flyer now

Full Q&A from Decoding UK PSTI Act Webinar

download

Read and learn more about the Radio Equipment Directive (RED), download our free material now.

Guide for Radio Equipment Directive (RED)

download

Learn everything you need to know for a successful Common Criteria certification project. Save costs and effort with your checklist.

Guide and Checklist for Common Criteria Evaluations - updated with EUCC Scheme

download

This downloadable infographics introduces the Common Criteria Evaluation process to you. Explore now for free.

Common Criteria Evaluation Process infographics

download

Get your FREE A-Z supporting material for smart meter security standards. Learn more about the Swiss METAS data security evaluation projects of smart metering devices.

Checklist for Swiss Smart Metering Cybersecurity Evaluations

download

This downloadable infographics introduces you to the Swiss Smart Metering data security pre-assessment process of METAS certification.

Swiss Smart Metering Data Security pre-evaluation process infographics

download

This downloadable infographics introduces you to Swiss Smart Metering data security evaluation process of METAS certification.

Swiss Smart Metering Data Security official evaluation process infographics

download

Want to understand the MDR, IVDR regulation? Download our e-book on the latest requirements of medical cybersecurity

Medical Device Cybersecurity e-book

download

The second stage of the medical device cybersecurity testing framework is risk assessment. This downloadable infographics introduces the risk analysis process to you.

Risk Analysis infographics for MDR cybersecurity

download

The first step in preparing for the EU MDR compliance is the gap analysis. This downloadable infographic guides you through the gap analysis process.

Gap Analysis Infographics for Medical Devices Regulation

download

Download our ETSI EN 303 635 infographics today and learn about the product certification process for this consumer IoT device cybersecurity standard.

ETSI EN 303 645 infographics for Consumer IoT devices

download

Evaluation with
agility in mind

What does it mean?

Dedicated project leader, who understands the processes

No surprises at the end of the project,

Weekly/biweekly
status meetings

Emails are responded within one working day

Short iterations with immediate feedback

Understandable and solution-oriented observation reports

We intervene immediately in case of any minor problems

Track progress in monthly reports

Cybersecurity News

ESG software is pivotal in modern sustainability strategy. Source: Envato

May 7, 2025

The Future of EUCC Certification for ESG Software

min reading time

As the demand for corporate accountability continues to surge, Environmental, Social, and Governance (ESG) software has taken center stage in how companies collect, manage, and disclose sustainability data. With regulatory frameworks tightening across the EU and globally, ESG software vendors must now consider cybersecurity not just as a technical necessity but as a cornerstone of ESG integrity. At the heart of this transformation is the EUCC (European Union Cybersecurity Certification) framework—an emerging standard that ensures the secure design, deployment, and maintenance of digital products, including ESG platforms. In this article, we’ll explore why EUCC certification is becoming a critical benchmark for ESG software, how it reinforces security and compliance, and how CCLab can streamline the path to successful certification.

March 5, 2025

How the Common Criteria Guide Helps Navigate Complex Evaluation Requirements

min reading time

Achieving Common Criteria certification is a crucial step for developers and organizations aiming to demonstrate the security and reliability of their IT products. However, the certification process is known for its complexity, requiring strict adherence to extensive documentation and evaluation protocols. Developers often face challenges in understanding intricate requirements, structuring their submissions, and ensuring compliance with rigorous standards.

February 19, 2025

Top Challenges in Common Criteria Compliance for Emerging Technologies

min reading time

The rapid evolution of emerging technologies is reshaping industries and introducing unprecedented levels of innovation. However, this technological advancement also brings new security risks, necessitating stringent compliance with internationally recognized standards. One such standard is Common Criteria (CC), a globally accepted framework for evaluating the security properties of IT products. While CC evaluation ensures a product meets rigorous security requirements, applying this framework to emerging technologies presents several challenges. This article will explore these challenges in detail and provide insights into overcoming them.

All news

Meet us here

Join our captivating cybersecurity events to enhance your knowledge and engage with our team of experts.

Evolving Cybersecurity Requirements under the Radio Equipment Directive (RED)

Online

May 28, 2025

Evolving Cybersecurity Requirements under the Radio Equipment Directive (RED)

Join us for an in-depth webinar focused on the evolving cybersecurity requirements under the Radio Equipment Directive (RED). This session will break down the latest RED obligations for manufacturers and suppliers. From essential technical and legislative mandates to strategic best practices, you’ll gain valuable insights on how to navigate compliance, fortify device security, and stay ahead in an increasingly interconnected market.

LEARN MORE

On-demand

March 6, 2025

ESG conference - Cybersecurity Aspects

Join us for this FREE on-demand presentation. Levente Cseh, Sales Manager at CCLab, will share valuable insights and strategies for securing ESG systems and provide an in-depth overview of the standardization methodology within the applicable framework.

LEARN MORE

all events

Testimonials

Kenneth Lasoski

Versa Networks

Evaluation team was extremely reasonable and flexible with resolution to findings and was helpful in finding agreeable solutions for CB comments. Consultation team was always responsive and helped shape the documentation for easier evaluation, and provided useful recommendations on satisfying SFR/SARs.

Thierry Bonda

Landis+Gyr

CCLab was well prepared, flexible during the whole evaluation process, and supported us with continuous communication and guidance. Many lessons were learnt during the project and CCLab has always been looking for solutions, supporting our developers the best way they could. The new Swiss evaluation methodology was a good and professional basis to work with, but both parties had to learn how to deal with it.

Jake Nelson

Corsec Security Inc.

The relationship between Corsec and CCLab has been instrumental in helping product vendors successfully complete the Common Criteria certification process. As a Common Criteria consultant to the product vendor, Corsec relies on CCLab’s responsiveness and expertise to quickly and thoroughly complete the testing component of the process. CCLab has been essential in managing multiple projects, their professionalism has helped ensure product vendor satisfaction and ultimate project success.

Alexander Testov

AO Kaspersky Lab.

"I would definitely recommend CCLab to anyone in need of Common Criteria certification. Our cooperation was comfortable, well organized and efficient. I am totally satisfied with the result."

Dayton Marcucci

HID Global

The CCLab team gave us full support to adapt to the changes during product development. Whatever the challenges faced they could keep the due dates and we were able to complete the process quickly and efficiently. The real agile lab helped our success. We are going to work with them again. I highly recommend them to anyone wanting to get its product certified.

Jaime Chica

NXP Semiconductors

It was a well-managed project which achieved success in an effortless manner.

Kalev Pihl

SK ID Solutions

We needed a lab that works quickly but with high work morale and quality of work. CCLab is exactly like that! It was good cooperation experience to work with them. The project was rather complex and our expectations maybe even too high, but the team was committed to the common goals and could keep the milestones; therefore we were able to deliver what was needed. I highly recommend CCLab team to anyone for their great team spirit, quality orientations, agility and reasonable pricing.

Israr Ahmed

Ascertia Ltd.

On behalf of Ascertia, accept my appreciation for the excellent job done by CCLab team over the past several months in achieving the Common Criteria Certificate for ADSS Server SAM solution. It was an enormous undertaking but went smoothly and efficiently! Thanks to your leadership and dedication combined with your staff's teamwork and energy, we achieved our target. You and your employees should take great pride in this accomplishment. We look forward to extend our work with you for our next certification milestone and hope will continue to get such excellent service.

Zsolt Rózsahegyi

I4P Informatics Ltd.

Thanks to the agile processes we've been able to add new features to the product during the evaluation that made it even more valuable to customers. CCLAB efficiently supported us throughout the whole change management process. The predictability, accurate scheduling, and supportive mindset helped us to finish the project in time.

Button Text