CSfC - Commercial Solutions for Classified 


The National Security Agency (NSA) Commercial Solutions for Classified (CSfC) program is the latest evolution related to the FIPS and Common Criteria (CC) testing and evaluation paradigm.  

The CSfC program has been created to promote the development of security-enabled products that can be used off-the-shelf for classified applications.

To reuse  the existing CC and FIPS programs, tbe CSfC program has created capability packages and defined selections for NIAP-approved Protection Profiles. The result is that CSfC builds from CC security evaluation results which, in turn, build from FIPS cryptographic algorithm testing results.

Do you want to be part of the CSfC program? Gossamer can guide you through the process. The Gossamer team can lead you from the Memorandum of Agreement (MOA) process with the NSA through to the listing on the CSfC component listings.

Gossamer is familiar with the available CSfC capability packages and CSfC selections for the NIAP-approved Protection Profiles. With this knowledge Gossamer can perform a Common Criteria evaluation and any necessary FIPS 140-2 cryptographic algorithm testing that will support a CSfC product listing. Once the Common Criteria evaluation is completed, Gossamer can assist in any additional CSfC program testing. All of this work is performed in a timely manner to support MOA deadlines.

If you have already signed an MOA and need to get an evaluation completed or if you are interested in exploring the CSfC evaluation process, contact Gossamer for more information.