EUCC Certification with CCLab
CCLab supports your EUCC certification journey with proven expertise and efficient processes.
RED Cybersecurity - Steps of Compliance Infographics
Download this infographic guide for a clear overview of the RED’s key stages, covering technical requirements, risk assessment, and strategic decisions for EU compliance.
.png)
CCguide Training Course
Subscribe to CCGuide! Learn how to write Developer Docs based on EUCC Common Criteria.
Start your preparation for CRA
The CRA introduces mandatory, lifecycle-based cybersecurity requirements for all products with digital elements. We help you navigate this complexity with clear processes, hands-on support, and compliance-ready evaluation expertise.
Companies who chose us
About CCLAB
CCLab Ltd. was founded in 2013 as an agile, ISO 17025 accredited cybersecurity laboratory primarily to work in Common Criteria evaluations and consultations.It has been accredited by OCSI, Certification Body of the Italian Scheme since 2015, by TrustCB, the Dutch CB since 2025, and by IECEE CB Scheme from 2024.
CCLab has conducted many successful Common Criteria evaluation and consultation projects, and the number keeps increasing in size and quality continuously each year.
In 2023 CClab has joined the QIMA group, a global Testing, Inspection and Certification player, operating in more than 100 countries from 60 offices and labs.
Our Cybersecurity solutions
Navigate the complex landscape of cybersecurity certifications
with expert guidance
Common Criteria Evaluation
ISO 15408 Common Criteria Compliance and Certification up to EAL4+ or EAL5.
Common Criteria Consultancy
Professional support to prepare for a successful Common Criteria evaluation saves you cost and effort.
Consumer IoT (ETSI EN 303 645) Cybersecurity
Comply with ETSI EN 303 645 standards, providing guidelines and expertise for the security of consumer Internet of Things (IoT) devices.
Smart Metering Cybersecurity
Data security solutions for smart metering system components with independent verification by out certified laboratory.
Radio Equipment Directive Cybersecurity Compliance
Learn more about the Radio Equipment Directive (RED) specifying cybersecurity requirements for radio equipment sold within the EU.
UK PSTI compliance
How to get your connected device compliant with the upcoming cybersecurity regulation in the UK, the Product Security and Telecommunications Infrastructure (PSTI) Act.
Industrial Control System Security
Cybersecurity evaluation and certification of industrial automation and control system based on ISA/IEC 62443-4-1 and 62443-4-2 standards.
Cybersecurity Certification
Get your IoT, IIoT device certified after successful evaluation and testing based on ETSI 3030 645 or IEC 62443-4-1, 62443-4-2.
.png)
Evaluation with
agility in mind
What does it mean?
Dedicated project leader, who understands the processes
No surprises at the end of the project,
Weekly/biweekly
status meetings
Emails are responded within one working day
Short iterations with immediate feedback
Understandable and solution-oriented observation reports
We intervene immediately in case of any minor problems
Track progress in monthly reports
Cybersecurity News
Cyber Resilience Act: The Complete Survival Guide for Manufacturers
6
min reading time
This article provides an in-depth overview of the EU Cyber Resilience Act (CRA), exploring why this regulation has become a mandatory condition for EU market entry. It breaks down essential security requirements such as mandatory Software Bill of Materials (SBOM) and strict 24-hour incident reporting while explaining product classifications and conformity assessment routes like Module A, B+C, and H. Learn how to integrate secure-by-design principles into your development lifecycle to avoid costly redesigns, navigate the technical documentation process, and turn regulatory compliance into a competitive advantage.
Is Your Radio Device a "High-Risk" AI System? Navigating the RED and AI Act Overlap
9
min reading time
The newly enforced AI Act significantly shifts the regulatory landscape for hardware manufacturers by explicitly listing the Radio Equipment Directive (RED) as critical safety legislation. If a radio device uses AI for mandatory functions like network protection or data privacy, it will likely be classified as a "High-Risk AI System" under these new rules. This classification creates a "Double Lock" on compliance, requiring manufacturers to integrate AI-specific audits into their existing 2025 RED conformity assessments. Failing to plan for this overlap today is a strategic error that could force a total product redesign by 2027 when the regulations fully converge. By adopting an integrated compliance strategy now, manufacturers can ensure long-term market access and avoid the costs of redundant testing.
Cyber Resilience Act & EUCC Explained: Key Differences, Overlaps and Compliance Pathways
9
min reading time
As the 11 September 2026 reporting deadline approaches, understanding the Cyber Resilience Act (CRA) is essential for all manufacturers of digital products. This blog post explores the key differences and overlaps between the CRA and the EUCC certification scheme, providing a clear roadmap for compliance, risk categorization, and long-term market access.
Meet us here
Join our captivating cybersecurity events to enhance your knowledge and engage with our team of experts.
.png)
CCLab at ICCC 2025: See You in Songdo, Korea
CCLab is excited to be part of the 24th International Common Criteria Conference taking place from 21st to 23rd of October 2025 at the Central Park Hotel in Songdo, Korea.
EN 18031 Kiberbiztonsági szabványok, szakmai képzés
Internetkapcsolattal rendelkező rádióberendezésekkel vagy vezeték nélküli IoT eszközökkel dolgozik, és szeretné megtudni, hogyan felelhet meg a RED irányelv és a kiberbiztonsági harmonizált szabványok követelményeinek?
Testimonials
Kenneth Lasoski
Versa Networks
Evaluation team was extremely reasonable and flexible with resolution to findings and was helpful in finding agreeable solutions for CB comments. Consultation team was always responsive and helped shape the documentation for easier evaluation, and provided useful recommendations on satisfying SFR/SARs.
Thierry Bonda
Landis+Gyr
CCLab was well prepared, flexible during the whole evaluation process, and supported us with continuous communication and guidance. Many lessons were learnt during the project and CCLab has always been looking for solutions, supporting our developers the best way they could. The new Swiss evaluation methodology was a good and professional basis to work with, but both parties had to learn how to deal with it.
Jake Nelson
Corsec Security Inc.
The relationship between Corsec and CCLab has been instrumental in helping product vendors successfully complete the Common Criteria certification process. As a Common Criteria consultant to the product vendor, Corsec relies on CCLab’s responsiveness and expertise to quickly and thoroughly complete the testing component of the process. CCLab has been essential in managing multiple projects, their professionalism has helped ensure product vendor satisfaction and ultimate project success.
Alexander Testov
AO Kaspersky Lab.
"I would definitely recommend CCLab to anyone in need of Common Criteria certification. Our cooperation was comfortable, well organized and efficient. I am totally satisfied with the result."
Dayton Marcucci
HID Global
The CCLab team gave us full support to adapt to the changes during product development. Whatever the challenges faced they could keep the due dates and we were able to complete the process quickly and efficiently. The real agile lab helped our success. We are going to work with them again. I highly recommend them to anyone wanting to get its product certified.
Jaime Chica
NXP Semiconductors
It was a well-managed project which achieved success in an effortless manner.
Kalev Pihl
SK ID Solutions
We needed a lab that works quickly but with high work morale and quality of work. CCLab is exactly like that! It was good cooperation experience to work with them. The project was rather complex and our expectations maybe even too high, but the team was committed to the common goals and could keep the milestones; therefore we were able to deliver what was needed. I highly recommend CCLab team to anyone for their great team spirit, quality orientations, agility and reasonable pricing.
Israr Ahmed
Ascertia Ltd.
On behalf of Ascertia, accept my appreciation for the excellent job done by CCLab team over the past several months in achieving the Common Criteria Certificate for ADSS Server SAM solution. It was an enormous undertaking but went smoothly and efficiently! Thanks to your leadership and dedication combined with your staff's teamwork and energy, we achieved our target. You and your employees should take great pride in this accomplishment. We look forward to extend our work with you for our next certification milestone and hope will continue to get such excellent service.
Zsolt Rózsahegyi
I4P Informatics Ltd.
Thanks to the agile processes we've been able to add new features to the product during the evaluation that made it even more valuable to customers. CCLAB efficiently supported us throughout the whole change management process. The predictability, accurate scheduling, and supportive mindset helped us to finish the project in time.
