Docker Awarded FIPS 140-2 Validation by NIST

Docker Awarded FIPS 140-2 Validation by the National Institute of Standards and Technology (NIST)  

 Docker Engine - Enterprise with FIPS validated cryptography can address the stringent application security and privacy requirements of the U.S. Federal Government and the world’s most secure organizations

SAN FRANCISCO – October 31, 2018 – Docker today announced that Docker Engine - Enterprise has achieved Federal Information Processing Standard (FIPS) 140-2 certification (Certificate #3304) for its cryptographic module from the National Institute of Standards and Technology (NIST).

Docker Engine is the most widely adopted container runtime for building and running mission-critical applications across any infrastructure. With this validation, federal agencies and entities in regulated industries such as utilities, finance and healthcare now have a secure and compliant foundation for deploying their containerized applications. Docker’s FIPS 140-2 certification marks another key milestone in the company’s effort to provide a robust platform for applications that satisfies even the most stringent data security and privacy requirements. 

"The completion of FIPS 140-2 validation underscores Docker’s commitment to ensuring our software is validated against enterprise and government-accepted standards that meet the requirements of the most security-conscious companies and government agencies,” said Banjot Chanana, VP of Product at Docker. “The security landscape is rapidly evolving and sensitive data is increasingly at risk. With this certification for Docker Engine - Enterprise’s cryptographic module, we are able to further deliver on the confidentiality, integrity and availability objectives of information security and provide both government and commercial customers a secure container solution for their mission-critical applications.”

Docker Engine - Enterprise is “secure by default” with restricted host access, encryption and secure mutual TLS authentication and cryptographic node identity, all of which are supported by the FIPS validated cryptographic module. Because Docker Engine - Enterprise is a key component of the industry-leading Docker Enterprise container platform, organizations are able to take advantage of the integrated and advanced security options associated with the platform and satisfy critical requirements set forth by the Federal Information Security Management Act (FISMA) and other regulatory frameworks across industries.
 
Additional Resources
To learn more about the Docker Engine - Enterprise, FIPS 140-2 certification or the Docker Enterprise container platform, visit these additional resources:

Get started with Docker today.

Get started