[admin]

LATEST OPEN-SOURCE CYBERSECURITY SOFTWARE APPROVED FOR GOVERNMENT USE
DHS S&T co-sponsors validation of publically available cryptography software
Washington, DC– The Department of Homeland Security Science and Technology Directorate (S&T) today announced the validation and availability of an open-source cybersecurity tool for securing information shared across the Internet. Government agencies required to use cryptographic software validated to Federal Information Processing Standards (FIPS), will now have access to Open Secure Socket Layer (OpenSSL v2.0), a free, publicly available security software that meets federal security guidelines.

“OpenSSL is a widely-used component in many software security applications,” said Luke Berndt, DHS Program Manager for the Homeland Open Security Technology (HOST) program. The mission of the HOST program is to identify viable and sustainable open source solutions that support national cybersecurity objectives. “With this program available for government use, the nation’s critical online information will be safer while the government will find greater cost savings.”

The National Institute of Standards and Technology validated the Open SSL using the FIPS 140-2 security standard for testing cryptographic modules. This validation is required for cryptography used to protect sensitive or valuable data within the federal government. The validation process was funded by DHS S&T and other government agency and private sector partners.

“DHS S&T’s investment in the validation process for OpenSSL will help government users access the latest security software, and allow software developers to integrate OpenSSL into the products they offer to government clients,” said Berndt. “This collaborative effort is a great example of how government and industry can both benefit from the use of open source software.”

More information about the new FIPS 140-2 validated OpenSSL module is available at http://openssl.org/.