United States government regulation compliance

Compliance with United States government security and information technology regulations helps to remove sales impediments and roadblocks. It also provides a proof point to prospects worldwide that HCL® is working to make its products the most secure in the industry. This topic lists the standards and guidelines that AppScan® Standard supports.

Federal Information Processing Standard (FIPS)

On Windows platforms that are supported by AppScan Standard, AppScan Standard supports FIPS Publication 140-2, by using a FIPS 140-2 validated cryptographic module and approved algorithms.

National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131A

NIST SP 800-131A guidelines provide cryptographic key management guidance. These guidelines include:
  • Key management procedures
  • How to use cryptographic algorithms
  • Algorithms to use and their minimum strengths
  • Key lengths for secure communications
Government agencies and financial institutions use the NIST SP 800-131A guidelines to ensure that the products conform to specified security requirements.

Enabling FIPS 140-2 compliance on your operating system

  1. Go to Start > Control Panel > Administrative Tools > Local Security Policy.
  2. Go to Security Settings > Local Policies > Security Options > System Cryptography and enable the Use FIPS compliant algorithms for encryption, hashing, and signing security setting.
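
To confirm that the setting took effect, you can read back the registry value in which Windows stores this security option. The following script is an added example, not part of the HCL documentation; the function name `Get-FipsPolicyState` is hypothetical, and the script assumes it runs in a PowerShell session on the machine where AppScan Standard is installed.

```powershell
# Added example (not HCL code): report whether the Windows FIPS policy is on.
# The "Use FIPS compliant algorithms for encryption, hashing, and signing"
# security option is stored by Windows as the DWORD value "Enabled" under
# the registry key used as the default path below.

function Get-FipsPolicyState {
    [CmdletBinding()]
    param(
        [string]$Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy'
    )

    # A missing key or value means the policy was never set, so treat it as off.
    $item = Get-ItemProperty -Path $Path -Name Enabled -ErrorAction SilentlyContinue
    $registryEnabled = ($null -ne $item) -and ($item.Enabled -eq 1)

    # Windows PowerShell 5.1 runs on .NET Framework, where this property
    # reflects the OS policy. PowerShell 7 runs on modern .NET, where the
    # property does not track the policy, so rely on the registry value there.
    $dotNetEnforced = [System.Security.Cryptography.CryptoConfig]::AllowOnlyFipsAlgorithms

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        PSEdition       = $PSVersionTable.PSEdition
        RegistryEnabled = $registryEnabled
        DotNetEnforced  = $dotNetEnforced
    }
}

$state = Get-FipsPolicyState
$state | Format-List

if ($state.RegistryEnabled) {
    Write-Output 'FIPS policy is enabled on this system.'
} else {
    Write-Warning 'FIPS policy is NOT enabled. Repeat the Local Security Policy steps, or check whether a domain Group Policy overrides the local setting.'
}
```

Running the script on each scanning workstation gives a quick audit record of which machines have the policy applied.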