Common Criteria is an internationally approved set of security standards used by governments and businesses worldwide. It is designed to bolster end-user confidence by providing clear and reliable assurance that a technology’s integrity and security architecture have been thoroughly tested and validated by an accredited, third-party source against the Common Criteria Standard for Information Technology Security Evaluation (ISO/IEC 15408).

Recognized and adopted by 22 countries, Common Criteria certification allows security-conscious organizations such as the U.S. government to purchase IT products with the confidence that they are in compliance with widely accepted security standards. In addition to its significance in government, Common Criteria is gaining momentum in financial services, healthcare and other industries that benefit from the security assurance certification affords.
Paul Smith, vice president of government sales operations, Red Hat said: “The achievement of Common Criteria certification for JBoss Enterprise Application Platform will mark a key milestone for Red Hat. The demand for enterprise-class solutions that stand up to strict security requirements continues to grow across many industries. Pursuit of this certification reinforces our continued commitment to security-minded customers and leadership in the area of IT security and speaks to the maturity of JBoss Enterprise Middleware as an enterprise-ready solution.”
atsec has significant experience with Red Hat products, having evaluated Red Hat Enterprise Linux in partnership with several hardware vendors, culminating in 14 certifications in the last four years. In addition, atsec has vast experience evaluating Java platforms.

Ken Hake, Common Criteria Laboratory Manager for atsec U.S., notes: “Red Hat’s continued commitment to security and compliance provides customers who trust JBoss Enterprise Middleware for their business critical deployments with an added level of assurance.”

JBoss Enterprise Application Platform is a leading platform for innovative and scalable Java applications. JBoss Enterprise Application Platform balances innovation with enterprise class stability by integrating the most popular clustered Java EE application server with next generation application frameworks. Built on open standards, JBoss Enterprise Application Platform integrates JBoss Application Server, with JBoss Hibernate, and JBoss Seam into a complete, simple enterprise solution for Java applications. Available through flexible and affordable subscriptions, JBoss Enterprise Application Platform makes it easy to develop, deploy, and manage enterprise Java applications.
atsec is one of only four companies worldwide with multiple evaluation labs accredited to perform evaluations under more than one national scheme. atsec labs have been accredited by NIAP CCEVS in the U.S., BSI in Germany and CSEC in Sweden to perform evaluations using the Common Criteria standard. Eligibility to perform evaluations under three major schemes and the availability of a large staff of qualified evaluators enable atsec to offer its customers both maximum flexibility and proven expertise and experience in Common Criteria evaluations. For more information about atsec’s qualifications and competence, see www.atsec.com. For independent confirmation of atsec’s competence and reputation, visit the NIAP, BSI or CSEC websites.
For more information on Red Hat’s Common Criteria leadership, visit http://www.redhat.com/solutions/government/commoncriteria/.

About atsec information security
atsec information security is an independent, standards-based information technology security services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in 2000 and has extensive international operations with offices in the U.S., Germany, Sweden, and China.
atsec offers evaluation and testing services leading to formal certification for IT security including evaluation under Common Criteria schemes in the U.S., Germany, and Sweden; cryptographic module and algorithm testing under the Cryptographic Module Validation Program of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada; and compliance validation to the Payment Card Industry (PCI) Data Security Standard.
atsec also offers secure code review, ISO/IEC 27001 ISMS consulting, and penetration testing and scanning services. atsec works with leading global companies such as IBM, HP, Oracle, Cray,BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf.

About Red Hat, Inc.
Red Hat, the world's leading open source solutions provider, is headquartered in Raleigh, NC with over 50 satellite offices spanning the globe. CIOs have ranked Red Hat first for value in Enterprise Software for four consecutive years in the CIO Insight Magazine Vendor Value study. Red Hat provides high-quality, affordable technology with its operating system platform, Red Hat Enterprise Linux, together with applications, management and Services Oriented Architecture (SOA) solutions, including the JBoss Enterprise Middleware Suite. Red Hat also offers support, training and consulting services to its customers worldwide. Learn more: http://www.redhat.com.

Forward-Looking Statements
Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to the integration of acquisitions; the ability of the Company to effectively compete; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; risks related to data and information security vulnerabilities; ineffective management of, and control over, the Company's growth and international operations; adverse results in litigation; and changes in and a dependence on key personnel, as well as other factors contained in our most recent Quarterly Report on Form 10-Q (copies of which may be accessed through the Securities and Exchange Commission's Web site at http://www.sec.gov), including those found therein under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic conditions, and governmental and public policy changes. The forward-looking statements included in this press release represent the Company's views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company's views as of any date subsequent to the date of the press release.

LINUX is a trademark of Linus Torvalds. RED HAT® and JBOSS® are registered trademarks of Red Hat, Inc. and its subsidiaries in the US and other countries.
atsec is a trademark of atsec information security GmbH.

Media Contact:
Andreas Fabis, fabis@atsec.com
Marketing Director
atsec information security
(512) 615-7317

Stephanie Stadler, sstadler@speakerboxpr.com
SpeakerBox Communications for Red Hat
(703) 287-7819