EJBCA is justs a software, compliance is also a lot about how you configere the software.
EJBCA has been penetration tested rigorously
Due to the high costs involved, sertifications and audits are are done on EJBCA Enterprise edition. Enterprise undergoes security certifications and penetration testing such as, Common Criteria, multiple 3rd party penetration testing, etc. Enterprise is also used a lot in audited environments such as PCI-DSS, eIDAS/ETSI and WebTrust.
Regards,
Tomas
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Does EJBCA Community already OWASP ASVS compliance?
EJBCA is justs a software, compliance is also a lot about how you configere the software.
EJBCA has been penetration tested rigorously
Due to the high costs involved, sertifications and audits are are done on EJBCA Enterprise edition. Enterprise undergoes security certifications and penetration testing such as, Common Criteria, multiple 3rd party penetration testing, etc. Enterprise is also used a lot in audited environments such as PCI-DSS, eIDAS/ETSI and WebTrust.
Regards,
Tomas
Thanks a lot @anatom
Stay safe and keep healthty
Don