Package: Invicti AppSec Core (on-demand)
FIPS compatibility
Federal Information Processing Standards (FIPS) 140-2 is a US government standard for cryptographic security. Invicti AppSec is compatible with FIPS 140-2 and can run on machines where the FIPS policy is enabled.
This document explains what FIPS is and how Invicti AppSec handles FIPS-enabled environments.
What is FIPS
FIPS 140-2 is a US government standard that specifies security requirements for cryptographic modules in IT devices. It ensures the confidentiality and integrity of information that those modules process.
All federal agencies and their contractors and service providers - including networking and cloud service providers - must comply with this standard. Beyond federal agencies, FIPS 140-2 has become a widely recognized benchmark for encryption and is considered a critical security standard.
Invicti AppSec and FIPS
Invicti AppSec can run on machines where the FIPS policy is enabled without errors or error event log entries. If you install or run Invicti AppSec on a FIPS-enabled machine, the FIPS policy doesn't interfere with the software.
Invicti AppSec doesn't have FIPS certification or verification.
The following table shows the compatibility status for each Invicti AppSec component in a FIPS-enabled environment.
| Environment | Component | Status |
|---|---|---|
| Windows OS, Linux OS | Invicti AppSec on-demand | Compatible |
| Windows OS, Linux OS | Internal agent | Compatible |
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center