CHARLESTON, S.C. March 29, 2021 - Crunchy Data, the leading provider of trusted open source PostgreSQL for the enterprise, is pleased to announce that Crunchy Certified PostgreSQL, Crunchy Data’s commercially available distribution of PostgreSQL 12, has been successfully evaluated by the Canadian Centre for Cyber Security for conformance with the Protection Profile for Database Management Systems (DBMS PP) Base Package, Version 2.12 at the Common Criteria Evaluation Assurance Level (EAL) 2+.
This completion of Common Criteria EAL 2+ evaluation, an international standard for computer security certification, ensures that Crunchy Certified PostgreSQL represents the most trusted open source, enterprise Postgres distribution. In 2016, Crunchy Certified PostgreSQL became the first commercially available open source relational database management system to receive Common Criteria Certification.
Crunchy Data's investment in this international security certification provides an independent validation of the security functionality of Crunchy Certified PostgreSQL, a 100% open source distribution of PostgreSQL, including extensions such as PostGIS, pgaudit and the JDBC driver.
“Crunchy Certified PostgreSQL provides enterprises with an open source and commercially supported distribution of Postgres that is validated by an independent laboratory to demonstrate compliance with the rigorous Common Criteria security standards,” said Crunchy Data President Paul Laurence. "Crunchy Data remains committed to providing Postgres users with the most trusted Postgres distribution, backed by our leading support."
Common Criteria at the EAL 2+ level certification provides third party, lab-based validation of the security functionality of Crunchy Certified PostgreSQL software, as well as Crunchy Data's implementation of secure support and supply chain methodologies, each as provided by an international working group consisting of members from industry database developers, government agencies and laboratories.
Crunchy Data has previously collaborated with the Defense Information Systems Agency (DISA) to create and validate secure configurations of PostgreSQL, the world’s most advanced open source database, for sensitive computing environments. DISA recently published the Crunchy Data PostgreSQL Security Technical Implementation Guide, which offers a configuration roadmap to deploy Crunchy Certified PostgreSQL with an approved security baseline while still helping to drive innovation across an organization.
About Common Criteria Certification
The Common Criteria for Information Technology Security is an international standard (ISO/IEC 15408) for computer security certification. Common Criteria provides assurance that the specification, implementation and evaluation of a computer security product has been conducted in a rigorous, standard and repeatable manner at a level appropriate for its target environment.
About Crunchy Data
Crunchy Data is the leading provider of trusted open source PostgreSQL and enterprise PostgreSQL technology, support and training. Crunchy Data offers Crunchy Certified PostgreSQL, the most advanced and true open source RDBMS on the market, Crunchy PostgreSQL for Kubernetes, the leading solution for deploying Kubernetes native Postgres, and recently launched Crunchy Bridge, a fully managed multi-cloud Postgres service that gives enterprises the ultimate choice in Postgres management and provides the ability to modernize infrastructure as needed. Learn more at www.crunchydata.com.