Strategic Partnership for Cybersecurity – CCLab and WonSec Technology Join Forces for EUCC Certification
3
min reading time
On March 21, 2025, a special event took place at CCLab’s headquarters in Budapest, Hungary: we had the pleasure of welcoming the delegation of WonSec Technology, and together we signed a strategic cooperation agreement focused on the EU Cybersecurity Certification Scheme on Common Criteria (EUCC).
This partnership marks a milestone not only for CCLab but for the broader European certification ecosystem as well. Our joint goal is to support the secure and compliant entry of ICT products and services into the European market, especially in light of the soon-to-be mandatory EUCC requirements.
Why does EUCC matter?
The EUCC (EU Cybersecurity Certification Scheme on Common Criteria) is the European Union’s new cybersecurity certification framework, set to gradually replace fragmented national schemes starting in 2025. Its purpose is to establish a unified, high-security standard for ICT products across the EU. Built upon the international Common Criteria standard, EUCC strengthens requirements around data protection, supply chain security, and vulnerability analysis - raising the bar for manufacturers and developers worldwide.
CCLab and WonSec Technology: combining expertise across continents
CCLab is among the first evaluation facilities officially authorized by the EU to conduct EUCC assessments. With over a decade of experience in Common Criteria evaluations and consultancy, we are proud to support global clients with a trusted and professional approach.
Our partner, WonSec Technology, is a leading digital security and certification provider in China, with extensive experience and technological strength. Through this collaboration, we aim to jointly assist manufacturers and developers preparing for the European market and striving to meet the demanding EUCC criteria.
Building a safer digital future together
This agreement is more than a partnership, it is a shared commitment to global cybersecurity. We believe that international cooperation and knowledge exchange are essential to building a secure and sustainable digital economy.
At CCLab, we remain committed to delivering reliable, high-quality certification services in cooperation with our partners - not only in Europe, but worldwide.
Related downloadables
Related downloadables
EUCC Study - The New European Union Cybersecurity Certification Scheme
EUCC Study - The New European Union Cybersecurity Certification Scheme
Download EUCC Study 2024 for the most important and up-to-date information about the new European Union Cybersecurity Certification Scheme
Guide and Checklist for Common Criteria Evaluations - updated with EUCC Scheme
Guide and Checklist for Common Criteria Evaluations - updated with EUCC Scheme
Learn everything you need to know for a successful Common Criteria certification project. Save costs and effort with your checklist.
Related news
How to Meet IoT Cybersecurity Standards Using the ETSI EN 303 645 Guide
This article provides a comprehensive guide to meeting consumer IoT security standards using the ETSI EN 303 645 framework. It explains why this standard has become the global baseline for compliance, serving as a critical foundation for regulations like the UK PSTI Act and the upcoming EU Cyber Resilience Act (CRA). The post breaks down the 13 essential security provisions, such as banning default passwords and securing software updates, and outlines a structured assessment path from scope definition to accredited testing. Learn how to treat security as a design constraint to avoid market delays, leverage gap analysis for early detection of vulnerabilities, and turn technical compliance into a trusted competitive edge for your smart devices.
5
min reading time
Understanding EUCC Assurance Levels: What “Substantial” and “High” Really Mean for ICT Security
This article provides a strategic guide to the new EUCC assurance levels, explaining what "Substantial" and "High" certifications actually mean for your market access. It demystifies the critical shift from simple EAL numbers to risk-based vulnerability analysis (AVA_VAN), detailing exactly which products require advanced penetration testing versus basic surveys. You will learn how to map your device to the correct assurance category, navigate the new mandatory lifecycle and patching requirements, and avoid the costly trap of over-engineering your compliance strategy.
5
min reading time
Implementing EUCC: What High-Assurance Certification Requires Beyond Traditional Common Criteria Approaches
This is a comprehensive overview of the transition to EUCC (European Common Criteria-based cybersecurity certification scheme). It effectively highlights the shift from the old, fragmented SOG-IS approach to a unified, risk-based framework under the Cybersecurity Act.
8
min reading time
