Skip to main content

HashiCorp Vault 1.10 Achieves FIPS 140-2 Compliance

HashiCorp Vault Enterprise 1.10 has been evaluated as conformant with the Federal Information Processing Standard (FIPS) 140-2 standards.

Jun 07 2022Justin Weissig

We are pleased to announce that the HashiCorp Vault Enterprise 1.10 FIPS-enabled build has been evaluated as conformant with the Federal Information Processing Standard (FIPS) 140-2 standards. A conformance review was conducted by Leidos to ensure that the HashiCorp Vault Enterprise FIPS enabled build is using validated cryptography. For more details, please see the Vault compliance letters.

The Federal Information Processing Standard (FIPS) is a cryptography-focused standard developed by the U.S. government to help computer security and interoperability. FIPS is intended for use cases in which suitable industry standards do not already exist, and is relied upon by many organizations to ensure approved cryptographic algorithms are used when processing sensitive information.

»Vault and FIPS: With and Without Hardware Security Modules

In 2017, HashiCorp Vault 0.9 went through a Leidos' evaluation focused on Vault’s Seal Wrap feature. Seal Wrap allows a Vault Enterprise system to encode cryptographic fundamentals and credentials with encryption derived from an external FIPS 140-2 certified cryptographic hardware security module (HSM). This is well-suited for customers who already have an HSM in their infrastructure, and who want the FIPS 140-2 Level 2+ protection only an HSM can provide.

Today, with HashiCorp Vault 1.10 using the FIPS enabled build, we now support a special build of Vault Enterprise (marked with a fips1402 feature name) that includes built-in support for FIPS 140-2 Level 1 compliance. Unlike using Seal Wrap for FIPS compliance, this binary has no external dependencies on an HSM, making it a good choice for organizations that do not already have an HSM in place, and that need FIPS 140-2 Level 1 cryptography.

»Next Steps

The FIPS compliance letters for both Seal Wrap and the new FIPS enabled build are available today on the HashiCorp Vault Compliance page. For more information about HashiCorp Vault Enterprise, visit https://www.hashicorp.com/products/vault/.

Sign up for the latest HashiCorp news

By submitting this form, you acknowledge and agree that HashiCorp will process your personal information in accordance with the Privacy Policy.

More blog posts like this one

Streaming HCP Vault audit logs to Amazon CloudWatch for secure, real-time visibility
June 09 2025 | Products & Technology
Streaming HCP Vault audit logs to Amazon CloudWatch for secure, real-time visibility

Learn how to automatically stream HCP Vault Dedicated audit logs into Amazon CloudWatch for real-time monitoring and compliance.

Anonymize RAG data in IBM Granite and Ollama using HCP Vault
June 05 2025 | Products & Technology
Anonymize RAG data in IBM Granite and Ollama using HCP Vault

Learn how to configure tokenization and masking with HCP Vault's transform secrets engine for data and pass it to IBM Granite, Ollama, and Open WebUI for RAG.

HashiCorp Vault and FIPS 140-3: Strengthening security and compliance
June 04 2025 | Products & Technology
HashiCorp Vault and FIPS 140-3: Strengthening security and compliance

HashiCorp Vault now supports FIPS 140-3, the latest NIST standard for cryptographic modules.