LINCE is a lightweight methodology for the security evaluation of IT products, developed by the National Cryptologic Center (CCN).
It is based on the principles of Common Criteria, but it establishes a duration, cost and effort completely limited, lower than what is required by Common Criteria.
The goal of a LINCE certification is to carry out an evaluation, limited in time and effort, of the declared security characteristics declared of an IT product.
The evaluation process is designed to verify that the product conforms to its specification and that the implemented security features are efective. The Laboratory performs the evaluation and describes the results in an Evaluation Technical Report (ETR) on which the Certification Board (OC) of the CCN will base its decision to issue the corresponding certificate.
The LINCE certification of an IT product inside the ENECSTI (National IT Security Evaluation and Certification Scheme) grants its inclusion in the Catalog of ICT Security Products (CPSTIC) as a qualified product for use in systems affected by the National Security Framework (ENS), with security classification MEDIUM or BASIC.
Unlike Common Criteria certifications, LINCE certifications are not recognized internationally, being valid only in Spain.
Any vendor that is interested in including their product in the CPSTIC catalogue for systems with security classification MEDIUM or BASIC.
Contact us and begin your certification process today.