FIPS 140-2 Workflows in CircleCI
NineFX, a HUBZone/SDVOSB-certified, value-added reseller for CircleCI, supports both commercial and Federal government customers. The software that we ship to our Federal customers must meet specific regulatory requirements from the National Institute of Standards & Technology (NIST). NIST’s Federal Information Processing Standard (FIPS) 140-2 is the standard that governs cryptographic modules in Federal software. Because we service both commercial and Federal customers, in this post I will describe how we use CircleCI workflows to provide timely feedback on our software’s support of FIPS 140-2 cryptography, enabling us to monitor a project’s FIPS compatibility.