EUCC Candidate Scheme for ICT Products released for public consultation
1
min reading time
Our CTO, Mr. Gábor HORNYÁK has actively been working in ENISA WG in the past 6 months so that today ENISA, the European Union Agency for Cybersecurity could launch the First Candidate Cybersecurity Certification Scheme for public consultation. The consultation of the new Common Criteria based European cybersecurity certification scheme (EUCC) started today and will remain open for contributions until July 31st, 12:00 CET.
For more details please visit ENISA site: https://www.enisa.europa.eu/news/enisa-news/enisa-launches-public-consultation-for-first-candidate-cybersecurity-certification-scheme
Related downloadables
Related downloadables
EUCC Study - The New European Union Cybersecurity Certification Scheme
EUCC Study - The New European Union Cybersecurity Certification Scheme
Download EUCC Study 2026 for the most important and up-to-date information about the new European Union Cybersecurity Certification Scheme
Common Criteria Evaluation Process infographics
Common Criteria Evaluation Process infographics
This downloadable infographics introduces the Common Criteria Evaluation process to you. Explore now for free.
Guide and Checklist for Common Criteria Evaluations - updated with EUCC Scheme
Guide and Checklist for Common Criteria Evaluations - updated with EUCC Scheme
Learn everything you need to know for a successful Common Criteria certification project. Save costs and effort with your checklist.
Related news
How to Meet IoT Cybersecurity Standards Using the ETSI EN 303 645 Guide
This article provides a comprehensive guide to meeting consumer IoT security standards using the ETSI EN 303 645 framework. It explains why this standard has become the global baseline for compliance, serving as a critical foundation for regulations like the UK PSTI Act and the upcoming EU Cyber Resilience Act (CRA). The post breaks down the 13 essential security provisions, such as banning default passwords and securing software updates, and outlines a structured assessment path from scope definition to accredited testing. Learn how to treat security as a design constraint to avoid market delays, leverage gap analysis for early detection of vulnerabilities, and turn technical compliance into a trusted competitive edge for your smart devices.
5
min reading time
Understanding EUCC Assurance Levels: What “Substantial” and “High” Really Mean for ICT Security
This article provides a strategic guide to the new EUCC assurance levels, explaining what "Substantial" and "High" certifications actually mean for your market access. It demystifies the critical shift from simple EAL numbers to risk-based vulnerability analysis (AVA_VAN), detailing exactly which products require advanced penetration testing versus basic surveys. You will learn how to map your device to the correct assurance category, navigate the new mandatory lifecycle and patching requirements, and avoid the costly trap of over-engineering your compliance strategy.
5
min reading time
Implementing EUCC: What High-Assurance Certification Requires Beyond Traditional Common Criteria Approaches
This is a comprehensive overview of the transition to EUCC (European Common Criteria-based cybersecurity certification scheme). It effectively highlights the shift from the old, fragmented SOG-IS approach to a unified, risk-based framework under the Cybersecurity Act.
8
min reading time
