{"id":33471,"date":"2026-04-22T00:00:10","date_gmt":"2026-04-21T22:00:10","guid":{"rendered":"https:\/\/www.proactivanet.com\/?p=33471"},"modified":"2026-04-21T18:08:57","modified_gmt":"2026-04-21T16:08:57","slug":"cpstic","status":"publish","type":"post","link":"https:\/\/www.proactivanet.com\/en\/blog\/proactivanet-en\/cpstic\/","title":{"rendered":"CPSTIC: The CCN seal that revolutionizes technological confidence"},"content":{"rendered":"<p>The<a href=\"https:\/\/cpstic.ccn.cni.es\/es\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\"><b> CPSTIC<\/b><\/span><\/a> Catalog <span style=\"font-weight: 400;\">has established itself as the cornerstone for the acquisition of secure technology not only for the Spanish Public Administration, but also for other non-governmental organizations. In an environment where cyber threats are increasingly frequent and sophisticated, having a certification from the National Cryptologic Center (CCN) is not only a competitive advantage, but also a guarantee of resilience.<\/span><\/p>\n<p><b>In summary:<\/b><\/p>\n<p><span style=\"font-weight: 400;\">The <a href=\"https:\/\/cpstic.ccn.cni.es\/es\/\" target=\"_blank\" rel=\"noopener\">CPSTIC Catalog<\/a> is the official list of security products and services reviewed and authorized by the CCN to handle sensitive information. Guarantees that the technological solutions have passed rigorous audits defined in the CCN STIC guidelines.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><b>What exactly is the CPSTIC Catalog?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The technical definition of the <\/span><b>CPSTIC Catalog<\/b><span style=\"font-weight: 400;\">  can be found in the CCN-STIC 105 guide. This is the \"Information and Communication Technologies Security Products and Services Catalog\". It is the official registry where the  <\/span><b>CCN (National Cryptologic Center)<\/b><span style=\"font-weight: 400;\"> includes solutions that have proven their ability to protect classified national information or highly sensitive data.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Its main objective is to offer a proven level of confidence to customers and end users, ensuring that the product has been evaluated by independent, accredited laboratories and meets the most stringent safety requirements in the country.<\/span><\/p>\n<h3><b>Key points of the catalog<\/b><\/h3>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Official reference:<\/b><span style=\"font-weight: 400;\"> It is the reference guide that public administration and other private companies should consider for the purchase of cybersecurity products and services.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>External evaluation:<\/b><span style=\"font-weight: 400;\"> Each product must pass a demanding audit by an accredited, independent laboratory.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Security classification:<\/b><span style=\"font-weight: 400;\"> Products are categorized according to the level of information they can handle and\/or the level of ENS adaptation they are capable of managing<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Constant updating:<\/b><span style=\"font-weight: 400;\"> The catalog is periodically revised to include new products and services according to the evolution of identified threats....<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Quality seal:<\/b><span style=\"font-weight: 400;\"> Functions as a safety certificate at the highest level , accrediting the product itself, not the organizations.<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2><b>Structure and security levels in the CPSTIC<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Not all products included in the CPSTIC <\/span><b>CPSTIC Catalog<\/b><span style=\"font-weight: 400;\">  have the same attributions. The catalog taxonomy divides the solutions into categories according to their functionality (identity management, network security, monitoring, etc.) and their ability to handle different levels of information classification and\/or ENS levels.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Inclusion in this list enables organizations to automatically comply with most of the requirements of the <\/span><b>National Security Scheme (ENS)<\/b><span style=\"font-weight: 400;\">simplifying internal audit processes.<\/span><\/p>\n<h3><b>Why is it vital for the public sector?<\/b><\/h3>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Technical confidence:<\/b><span style=\"font-weight: 400;\"> Eliminates uncertainty about the robustness of a tool.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Legal compliance:<\/b><span style=\"font-weight: 400;\"> Aligns technology infrastructure with current regulations.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Digital sovereignty:<\/b><span style=\"font-weight: 400;\"> Prioritizes the use of tools verified by national intelligence.<\/span><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h2><b>Case Study: Proactivanet and the CPSTIC Catalog<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">After an intense process of auditing and continuous improvement, Proactivanet has reached a strategic milestone in its commitment to security: the Proactivanet solution is now officially included in the CPSTIC Catalog. <\/span><a href=\"https:\/\/cpstic.ccn.cni.es\/es\/catalogo-productos-servicios-stic\/765-proactivanet-onpremise10-25?ic=1\" target=\"_blank\" rel=\"noopener\"><b>Proactivanet solution is now officially included in the CPSTIC Catalogue<\/b><\/a><span style=\"font-weight: 400;\">Catalog, under the taxonomy of \"Compliance and Governance\", with an <\/span><b>ENS High level<\/b><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">This achievement, led by the company's SQA and Security team, certifies that the tool has successfully passed all the requirements validations and security audits carried out by accredited laboratories, with the endorsement of the National Cryptologic Center.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With this official accreditation, Proactivanet is positioned as one of the few IT Service and Asset Management tools authorized to operate in high security environments with the highest regulatory requirements.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><b>CPSTIC Catalog Frequently Asked Questions (FAQ)<\/b><\/h3>\n<ol>\n<li> <b> What is the <a href=\"https:\/\/www.ccn-cert.cni.es\/es\/pdf\/guias\/series-ccn-stic\/guias-de-acceso-publico-ccn-stic\/2536-ccn-stic-105-catalogo-de-productos-de-seguridad-de-las-tecnologias-de-la-informacion-y-la-comunicacion\/file.html\" target=\"_blank\" rel=\"noopener\">CCN-STIC 105 guide<\/a>?<\/b><span style=\"font-weight: 400;\"> It is the normative document that regulates the criteria and procedure for a security product or service to become part of the official CCN catalog.<\/span><\/li>\n<li><b>  What does it mean that Proactivanet is in the catalog?<\/b><span style=\"font-weight: 400;\">  It means that the product has already passed the technical tests, laboratory audits and the administrative validation of the National Cryptologic Center, being a recommended solution for the handling of sensitive information.<\/span><\/li>\n<li><b>  Can a private company benefit from products in the CPSTIC?<\/b><span style=\"font-weight: 400;\"> Absolutely. <\/span><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p><b>Do you need an IT Asset and Service Management solution that meets national security standards?<\/b><b>Do you need an IT Service and Asset Management solution that meets national security standards?<\/b><\/p>\n<p><a href=\"https:\/\/www.proactivanet.com\/en\/contact\/\"><span style=\"font-weight: 400;\">Discover how Proactivanet helps you<\/span><\/a><span style=\"font-weight: 400;\"> manage your IT services with the confidence that only a CPSTIC certified product can offer.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The CPSTIC Catalog has established itself as the cornerstone for the...  <\/p>\n<div class=\"read-more mt-4 text-blue text-xs\"><\/div>\n","protected":false},"author":7,"featured_media":33476,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1848],"tags":[],"class_list":["post-33471","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-proactivanet-en"],"acf":{"is_icon":""},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/posts\/33471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/comments?post=33471"}],"version-history":[{"count":3,"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/posts\/33471\/revisions"}],"predecessor-version":[{"id":33484,"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/posts\/33471\/revisions\/33484"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/media\/33476"}],"wp:attachment":[{"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/media?parent=33471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/categories?post=33471"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.proactivanet.com\/en\/wp-json\/wp\/v2\/tags?post=33471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}