The First International Cryptographic Module Conference
September 24-26, Gaithersburg, MD
Bringing experts together from around the world to confer on the topic of cryptographic modules.
Conference Website
FIPS 140-2 Testing and Consulting
What atsec offers
FIPS 140-2, short for the U.S. Federal Information Processing Standard 140-2, Security Requirements for Cryptographic Modules, specifies requirements related to the secure design and implementation of cryptographic modules that provide protection for sensitive or valuable data. atsec offers these cryptographic module testing services:
- Consultation on FIPS 140-2 requirements
- Assessment of your cryptographic module test readiness
- Support for the production of the Security Policy, Finite State Model, and user documentation
- Conformance testing of cryptographic modules, resulting in a certificate issued by the National Institute of Standards and Technology (NIST) and Communications Security Establishment of Canada (CSEC) Cryptographic Module Validation Program (CMVP)
Why our services are important to you
If you plan to sell a product that includes a cryptographic module to a U.S. Federal Government agency that uses cryptographic-based security systems to protect sensitive data in computer or telecommunication systems, FIPS 140-2 certification of that product is mandatory. In addition, FIPS 140-2 certification of cryptographic modules is increasingly valued in other industry sectors (for example, banking) in which the protection of sensitive data by cryptographic-based solutions is critical. atsec is ready to partner with you to help you understand the requirements of the standard, assess your product’s readiness for FIPS 140-2 evaluation, and perform the conformance testing that will earn certification of your cryptographic product.
For more information
For more information on FIPS 140-2 testing and consulting, please refer to our 
resource pages. and take a look at our list of FIPS 140-2 projects.
FIPS 140-2 TRAINING
What atsec offers
atsec offers education and training courses either at our facility or on-site at your location. Available courses are:
- FIPS 140-2 certification — An overview of the Cryptographic Module Validation Program, and the mandates for its use. This course is designed for those who need to understand the basics of why a certification is needed and how a project is typically run.
- FIPS 140-2 compliance — Training for those closely and technically involved with the design and development of a product that will be compliant with FIPS 140-2.
- Personal Identify Verification — Technical training including the requirements of HSPD-12, FIPS 201 & special publications and their relationship to FIPS 140-2.
- Physical security best practices — This training includes discussion of design techniques for achieving compliance with the physical security requirements of FIPS 140-2.
We are always willing to provide training tailored to your specific needs. If you do not see the training you require listed here, please contact us to discuss your requirements.
Why our services are important to you
Security standards like FIPS 140-2 are both important and complex. If your organization plans to demonstrate conformance to one of the standards, your employees must understand the basics of the standard, the evaluation process, and their roles within that process. Investing in training your employees helps your organization optimize time spent preparing for evaluation.
For more information
Please refer to our resource pages.
