Common Criteria for Developers Learning Path

This is the Common Criteria for developers learning path. Students will take a deep dive into what exactly is required to get your product evaluated and reach Common Criteria certification.

7 hours, 24 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    7 hours, 24 minutes

  • Assessment


About Common Criteria for Developers

Explore Common Criteria and what it takes to get your product evaluated. You'll dive into Common Criteria updates to how Common Criteria and look at the new paradigm shift of collaborative Protection Profiles (cPP). Over multiple courses, you'll learn about Evaluation Assurance Level (EAL), Security Targets for EAL evaluations, cPP Network Devices and the use of hashing functions to validate software packages.



Common Criteria for Developers Skill Assessment

Assessment - 30 questions

Introduction to Common Criteria

Course - 00:50:00

In this course, you'll explore what Common Criteria it is and why Common Criteria certification is important. You'll learn about the new paradigm in certification, moving away from EAL to a collaborative protection profile, and what this means for you. Finally, you'll take a brief look at the history of Common Criteria and where it came from.
EAL Evaluation

Course - 02:51:00

This course begins with an overview of an EAL evaluation. We'll cover what level of an EAL you will want to have your product evaluated at and why EAL 2 is recommended. We'll discuss selecting an authorizing Common Criteria scheme and the pros and cons of selecting various international authorizing Common Criteria schemes. Once a scheme is decided on, you can get bids from various Common Criteria Testing Labs (CCTLs).
cPP Network Device Evaluation

Course - 03:27:00

Explore the required documentation for a cPPND evaluation. Next, take a deep dive into what a Security Target is. Learn how to scope the target of evaluation (TOE) and write a Security Target (ST). The course goes on to describe the Vendor Documentation required for a cPPND evaluation. Finally, we look at what to expect once the CCTL submits your product's evaluation package to the CC authorizing scheme.

Meet the author

Debra Baker

Debra Baker has over 20 years of information security experience, beginning with her time in the United States Air Force (USAF). After leaving the Air Force, she worked at IBM. She left IBM to work as a PKI integrator at Entrust Technologies. She then moved into governance, risk and compliance when she became a Common Criteria Evaluator at Cygnacom. Her Common Criteria experience continued on the vendor side, providing her expertise to multiple large-scale vendors while at Corsec and then at Cisco while on the Global Certification Team. She founded a new authoritative cryptographic knowledge base called Crypto Done Right which began as a collaboration between Cisco and Johns Hopkins University. 


Debra was recently named as one of the top 100 Women in Cybersecurity in the book Women Know Cyber: 100 Fascinating Females Fighting Cybercrime. She also is a contributor to the Language of Cybersecurity book. She frequently speaks at security conferences. She currently is a Sr Technical Program Manager at RedSeal. She is responsible for all product certifications, including Common Criteria, DOD-UCAPL, FIPS-140, SOC2 and FedRAMP. In addition, she manages large-scale customer deployments and leads an internal threat team that reviews the latest threats and how to defend using RedSeal.


The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo