Skip to main content

Compliance

Leading organizations across the world trust HashiCorp to meet their regulatory, industry, and internal requirements for security and compliance. Learn more about how our suite of infrastructure automation software helps make this possible by protecting you and your customers.

Compliance program

  • ISO 27001International standard for information security management systems. Scope includes the following products: IBM Terraform, IBM Terraform EU, IBM Waypoint, IBM Vault, IBM Boundary, IBM Packer, IBM Vault Radar, IBM Vault Secrets, IBM Terraform Self-Managed, IBM Vault Self-Managed , IBM Consul Self-Managed, IBM Nomad Self-Managed, and IBM Boundary Self-Managed Download
  • ISO 27017International standard for securely utilizing or providing cloud services. Scope includes the following products: IBM Terraform, IBM Terraform EU, IBM Waypoint, IBM Vault, IBM Boundary, IBM Packer, IBM Vault Radar, IBM Vault Secrets, IBM Terraform Self-Managed, IBM Vault Self-Managed , IBM Consul Self-Managed, IBM Nomad Self-Managed, and IBM Boundary Self-Managed Download
  • ISO 27018International standard for handling of PII in public cloudDownload
  • FIPS 140-2 | VaultUS government standard that specifies the requirements for cryptographic modules to protect sensitive informationMore information
  • FIPS 140-3 | VaultUS government standard that specifies the requirements for cryptographic modules to protect sensitive informationMore information
  • FIPS 140-2 | ConsulUS government standard that specifies the requirements for cryptographic modules to protect sensitive informationMore information
  • SOC 2SOC 2 is a restricted use audit report that focuses on controls relevant to security, availability, and confidentiality of a cloud service or product.Download
  • Trusted Information Security Assessment Exchange (TISAX)IBM Corporation (HashiCorp Products and Services) customers can access Trusted Information Security Assessment Exchange (TISAX) assessment results demonstrating the compliance status on the ENX portal only (https://enx.com/en-US/TISAX/). The scope ID and assessment ID for the ENX portal are SV253H and AV72BA-1, respectively. For more information about accessing the TISAX assessment results, refer to TISAX Assessment Results. TISAX and TISAX results are not intended for general public. ENX portal for assessment results