SAN FRANCISCO, June 14, 2022 (GLOBE NEWSWIRE) -- HashiCorp, Inc. (NASDAQ: HCP), a leading provider of multi-cloud infrastructure automation software, today announced Vault Enterprise has achieved Federal Information Processing Standard (FIPS) 140-2 Level 1 after validation from Leidos, the independent security audit and innovation lab. This is the first FIPS certification for Vault Enterprise and will allow HashiCorp to deepen relationships with highly regulated and public sector institutions.
FIPS 140-2 is the U.S. government computer security standard used to approve cryptographic modules and covers a wide range of potential applications. FIPS Enabled Vault is validated by Leidos, a member of the National Voluntary Lab Accreditation Program (NVLAP).
“HashiCorp has a history of providing the US Public Sector and customers in highly regulated industries with solutions to operate and remain in compliance,” said HashiCorp chief security officer Talha Tariq. “The certification of FIPS 140-2 within Vault Enterprise demonstrates our continued investment and commitment to these customers.”
In 2017, HashiCorp Vault went through a Leidos evaluation focused on Vault’s Seal Wrapping feature. Seal Wrapping allows a Vault Enterprise system to encode cryptographic fundamentals and credentials with encryption derived from an external FIPS 140-2 certified cryptographic Hardware Security Module (HSM). This is designed for customers who already have an HSM in their infrastructure, and who want the FIPS 140-2 Level 2+ protection only an HSM can provide.
Today, with HashiCorp Vault 1.10 using the FIPS enabled build we now support a special build of Vault Enterprise, which includes built-in support for FIPS 140-2 Level 1 compliance. Unlike using Seal Wrap for FIPS compliance, this binary has no external dependencies on HSM, a benefit for organizations that only need FIPS 140-2 Level 1 cryptography.
FIPS Enabled Vault is available through HCP Vault and Vault Enterprise. For more information on Vault Enterprise Plus, visit the Vault and Getting Started with HCP Vault pages. Additional documentation is available on the FIPS Enabled Vault page and FIPS Enabled Vault compliance letters can be found on the evaluation page.
About HashiCorp
HashiCorp is a leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows and create a system of record for automating the cloud: infrastructure provisioning, security, networking, and application deployment. HashiCorp’s portfolio of products includes Vagrant™, Packer™, Terraform®, Vault™, Consul®, Nomad™, Boundary, and Waypoint™. HashiCorp offers products as open source, enterprise, and as managed cloud services. The company is headquartered in San Francisco, though most of HashiCorp employees work remotely, strategically distributed around the globe. For more information, visit hashicorp.com or follow HashiCorp on Twitter @HashiCorp.
All product and company names are trademarks or registered trademarks of their respective holders.
Investor Contact
Alex Kurtz
ir@hashicorp.com
Media & Analyst Contact
Kate Lehman
media@hashicorp.com
