Common Criteria Portal alternative
Common Criteria Portal alternative
The official Common Criteria Portal is the authoritative registry for CCRA-recognised certifications. It's free, public, and reliable. But it's a registry, not a tool: no search, no notifications, no vendor pages, no CVE linkage, no coverage of EUCC / SESIP / PSA Certified / EMVCo / ESA / MIFARE. NenkinTracker adds those features on top of the portal's data, plus full coverage of the non-CCRA schemes (2446 certifications in one searchable database).
NenkinTracker vs Common Criteria Portal - feature comparison
| Feature | commoncriteriaportal.org | NenkinTracker |
|---|---|---|
| Coverage of Common Criteria (CCRA) certifications | Yes - official registry | Yes - full mirror, refreshed nightly |
| Coverage of EUCC, SESIP, PSA Certified, EMVCo, ESA, MIFARE | - | Yes - all in one searchable database |
| Free-text search across products and vendors | Limited - list views only | Yes - full-text search by product, vendor, certificate ID |
| Filter by EAL, scheme, status, CVE exposure | - | Yes - interactive filters |
| Per-vendor product catalogue with full certification history | - | Yes - one page per vendor |
| Per-Protection-Profile conforming products list | Partial - text-only PP catalog | Yes - every PP linked to its conforming products |
| Email notifications when a certification changes | - | Yes - per-product, per-vendor, per-scheme follows |
| Document version history with change detection | - | Yes - every Security Target and Certification Report archived |
| CVE linkage to certified products | - | Yes - CVEs linked from NVD to certified products |
| Export evidence for audits and procurement | - | Yes - structured CSV / JSON exports |
| Open API for programmatic access | - | Yes - public read-only API for tracker accounts |
| Access cost | Free, public | Free tier; paid plans for follows + notifications + exports |
Common questions
Is NenkinTracker affiliated with the Common Criteria Portal?
No. NenkinTracker is an independent commercial product built by Nenkin. The Common Criteria Portal (commoncriteriaportal.org) is the official registry operated by the Common Criteria Recognition Arrangement signatories. NenkinTracker ingests the portal's public data alongside data from EUCC, SESIP, PSA Certified, EMVCo, ESA and MIFARE.
Why use NenkinTracker instead of the Common Criteria Portal?
The official portal is a registry, authoritative for CCRA but with no search, no notifications, no vendor pages, no Protection Profile cross-links, no CVE linkage, no document version history, and no coverage of non-CCRA schemes. NenkinTracker adds those features on top of the portal's data.
Does NenkinTracker cover EUCC?
Yes. The EU Cybersecurity Certification (EUCC) scheme is fully indexed alongside CCRA, with the same search, filtering, notification, and CVE-tracking capabilities. EUCC certifications are not currently listed on the Common Criteria Portal.
Is the data on NenkinTracker the same as on the Common Criteria Portal?
For CCRA certifications, NenkinTracker re-ingests the portal's public data nightly. Source documents (Security Targets, Certification Reports) are preserved verbatim with version history. For EUCC, SESIP, PSA Certified, EMVCo, ESA and MIFARE, the data comes directly from each scheme's own registry.