Common Criteria Certification

Cogito Group Achieves Common Criteria Certification for High-Assurance PKI Platform 

Date: 5 May 2026 

We have achieved Common Criteria certification under ISO/IEC 15408 for our high-assurance Public Key Infrastructure (PKI) platform—an important milestone in our commitment to delivering trusted, resilient digital security solutions. 

The certification follows independent evaluation by Viden and formal certification by the Australian Signals Directorate (ASD), providing internationally recognised assurance that our platform meets defined security objectives under one of the world’s most rigorous evaluation frameworks. 

Strengthening trust for critical sectors 

For organisations operating in government, defence, critical infrastructure and regulated industries, security assurance cannot rely on vendor claims alone. 

This certification provides independent evidence that our platform has been evaluated against strict, internationally recognised criteria—strengthening confidence in its ability to support: 

  • Trusted digital identity 
  • Certificate lifecycle management 
  • Secure cryptographic infrastructure 

As our Managing Director, Richard Brown, explains: 

“High-assurance customers should not have to rely on vendor claims alone. Common Criteria certification gives our customers independent evidence that our platform has been evaluated against defined security objectives. It is an important milestone for sovereign Australian capability and for organisations that need trusted digital identity infrastructure.” 

Building for the future of cryptography 

Our certified platform, built on our Jellyfish software architecture, is designed not only for today’s threats but also for the challenges ahead. 

It is Post-Quantum Cryptography (PQC) ready, providing the flexibility required to transition to future cryptographic standards as they emerge. This ensures our customers can evolve their security posture without disruptive changes to core infrastructure. 

Content Image

Expanding access through SecureSME 

This milestone also accelerates the global expansion of SecureSME—our Public Key Infrastructure and Certificate Lifecycle Management as a Service offering. 

Built on the certified Jellyfish architecture, SecureSME enables enterprise organisations worldwide to access: 

  • High-assurance PKI capabilities 
  • Scalable certificate lifecycle management 
  • Security controls traditionally reserved for national security environments 

Our goal is to make high-assurance security more accessible, helping organisations strengthen trust in their digital ecosystems without the complexity typically associated with advanced cryptographic infrastructure. 

Advancing sovereign capability 

Achieving Common Criteria certification through the Australian scheme reflects our broader commitment to strengthening sovereign cybersecurity capability. 

We are proud to contribute to the development of trusted Australian security technologies that align with global standards and support the protection of critical systems and data.