LINCE Certification

LINCE is a lightweight methodology for the security evaluation of IT products, developed by the National Cryptologic Center (CCN).

It is based on the principles of Common Criteria, but it establishes a duration, cost and effort completely limited, lower than what is required by Common Criteria.

Security Evaluation of IT Products according to LINCE

The goal of a LINCE certification is to carry out an evaluation, limited in time and effort, of the declared security characteristics declared of an IT product.

The evaluation process is designed to verify that the product conforms to its specification and that the implemented security features are efective. The Laboratory performs the evaluation and describes the results in an Evaluation Technical Report (ETR) on which the Certification Board (OC) of the CCN will base its decision to issue the corresponding certificate.

Inclusion in the CPSTIC catalog (Catálogo de Productos y Servicios STIC)

The LINCE certification of an IT product inside the ENECSTI (National IT Security Evaluation and Certification Scheme) grants its inclusion in the Catalog of ICT Security Products (CPSTIC) as a qualified product for use in systems affected by the National Security Framework (ENS), with security classification MEDIUM or BASIC.

International recognition

Unlike Common Criteria certifications, LINCE certifications are not recognized internationally, being valid only in Spain.

Who must initiate a LINCE certification process?

Any vendor that is interested in including their product in the CPSTIC catalogue for systems with security classification MEDIUM or BASIC.

Contact us and begin your certification process today.

For further information,
please do not hesitate to contact us.



You can contact us through the following email address: