SUSE Certifications and Features

JUMP TO...

SUSE Linux Enterprise

Rancher

A Process That Never Ends

SUSE is committed to delivering best effort security to its customers and to the Open Source community. We believe that trust in Open Source Software, security in general, and the user's privacy in particular, are both indispensable and indefeasible. The Security Certifications and Security Solutions Teams continually work to certify all SUSE products, and develop security solutions to ensure the highest level of trust and reliability for our customers.

Latest News

  • SUSE Receives Renewed ISO 27001 and ISO 27701 Certifications

    November 2025 - SUSE has successfully obtained renewed certifications for ISO 27001:2022 and ISO 27701:2019 from LRQA. These certifications reaffirm SUSE’s continued commitment to information security and privacy excellence.

    The certifications demonstrate that SUSE’s Information Security Management System (ISMS) and Privacy Information Management System (PIMS) meet internationally recognised standards, providing our customers, partners, and employees with confidence that data is managed securely and responsibly.

    You can download the renewed certifications using the link below:

    ISO 27001 and ISO 27701

  • SUSE Transitions to New Certification Body LRQA and Upgrades Information Security Standards to ISO/IEC 27001:2022

    06/03/2025 - SUSE has moved to a new certification authority LRQA Group Limited, and successfully completed the new version of ISO 27001:2022 and ISO 27701:2019 certification. These certifications serve as a testament to SUSE's ongoing dedication to excellence, providing our customers with the assurance that our practices meet the highest industry and compliance standards. To request the latest certificate please contact: cybersecurity@suse.com

  • NIST CMVP Process for FIPS Validation and Updates, Patches, and CVEs

    02/07/2025 - NIST has updated their site outlining the process for handling updates, patches, and CVEs for certified modules. You can read their statement at: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/cmvp-flow in the section entitled "FIPS Validation and Updates, Patches, and CVEs".

  • SUSE receives SOC2 and SOC3 Certification

    02/06/2025 - SUSE has attained SOC 2 and SOC 3 information security certification for both SUSE Corporate, as well as for Rancher Prime Hosted. The SOC 2 (Service Organization Control) Type 2 reports for SUSE Corporate and Rancher Prime Hosted provide a comprehensive assessment of SUSE’s organizational security controls over the one-year audit period, and they demonstrate to our clients and partners that their data is being protected effectively and consistently. It also builds trust by proving SUSE has a defined set of security practices in place and operates them effectively. All of which are crucial for securing business deals, especially with large enterprises that require high data security standards, lowering risks, and identifying potential gaps that require additional or modified policies and procedures. SOC 2 reports are need-to-know basis and can be provide to our clients upon request. SOC 3 reports will be available online.

  • SUSE SLE Micro 5.3 attains Common Criteria Certification

    01/24/2025 - SUSE SLE Micro 5.3 has attained Common Criteria (CC) Certification. It is the first-ever product security certification for SLE Micro and documents compliance with the CC standard for the NIAP General Purpose Operation System (GPOS) protection profile. More information can be found at: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1214.html and https://www.suse.com/support/security/certifications/. This certification is often required for customers in regulated markets (financial services, health, pharma, governments, etc.).

  • SUSE receives USGv6 certification of SUSE Linux Micro 6.1 from the University of New Hampshire Interoperability Laboratory

    12/17/2024 - SUSE Linux Micro 6.1 (SL Micro) has been certified by the University of New Hampshire Interoperability Laboratory (UNH-IOL) against the technical requirements of the USGv6-r1 profile. UNH-IOL provides testing and evaluation services of IPv6 technologies and certifies compliance.

  • SUSE receives NIST FIPS 140-3 validation of the SUSE Linux Enterprise Server Libica Cryptographic Module

    10/07/2024 - SUSE has attained NIST FIPS 140-3 certification of our SUSE Linux Enterprise Server (SLES) Libica Cryptographic Module thus completing the full certification process of SLES 15 SP4.

  • SLES 15 receives Common Criteria EAL4 certification from Korean IT Security Certification Center

    08/20/2024 - SUSE has attained a Common Criteria EAL4 level security certification for SUSE Linux Enterprise Server (SLES) 15 from the Korean Information Technology Security Certification Center (ITSCC), who evaluate and certify products for use by government agencies of the Republic of Korea.  SLES 15 is now listed on the ITSCC Approved Product Database permitting all agencies and organizations to utilize our product. The certificate can be viewed or retrieved from: https://www.itscc.kr/certprod/listA.do  

  • DISA releases the SUSE Linux Enterprise Micro 5 Security Technical Implementation Guide

    06/20/2024 - DISA has released the SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide (STIG).  The STIG can be downloaded from the DISA Document Library at: https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLEM_5_V1R1_STIG.zip

  • NIST validates the SUSE Rancher Kubernetes Cryptographic Library

    04/21/2024 - SUSE has received NIST validation under FIPS 140-2 for its SUSE Rancher Kubernetes Cryptographic Library. The certificate can be reviewed at: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4691

  • SUSE achieves Chinese Government Standard GB 18030 certification

    01/16/2024 - SUSE has achieved certification by the Chinese government for SUSE Linux Enterprise 15 for the GB 18030 standards.  The GB 18030 is the Chinese ideographic character set and encoding standard mandated by the Chinese government.  It was updated in 2022 supports the extended character support, and was implemented August 1, 2023. 

  • SUSE SLES 15 SP4 Common Criteria Certified

    12/15/2023 - SUSE Linux Enterprise Server 15 SP4 is now Common Criteria certified with the BSI scheme.  This guarantees that our operating system meets all the requirements of the NIAP Protection Profile General Purpose Operating System along with Functional Package for Secure Shell (SSH).