CryptoComply by SafeLogic

Additional Info

Company size (employees)10 to 49
Type of solutionSoftware


SafeLogic has been cutting through red tape and advocating for the adoption of cutting edge technology in government for nearly 10 years. With increased efforts in partnership with the Alliance for Digital Innovation to contribute to legislation surrounding FedRAMP, the FITARA Scorecard, and other influential factors at the public policy decision-maker level, SafeLogic has truly gone to the next level.

The National Institute of Standards and Technology (NIST) tackled the unenviable challenge of transitioning from FIPS 140-2 to FIPS 140-3 this year. The growing pains have been palpable and the sailing has been anything but smooth. SafeLogic’s customers and partners have needed that advocacy more than ever before as the landscape shifts drastically.

In response, SafeLogic has staffed up with more experts in compliance and technical areas, and expanded product offerings into hardware with HSMs. This commitment to innovation and evolving technology is already providing significant value and benefits to the teams that rely on SafeLogic for FIPS Validated encryption.

How we are different

- Relentlessly iterated innovation.
SafeLogic is constantly evaluating new operating environments and ways to deliver FIPS Validated encryption to a wider audience. This year brought hardware versions and significant development on a new major software release slated for 2022.

- Well-built cornerstone technology.
SafeLogic's CryptoComply modules are used as an integral component for household name companies like Zscaler, Okta, Trend Micro and HPE as they tackle comprehensive programs like FedRAMP, CMMC 2.0, Common Criteria, and DoDIN APL. Without a strong FIPS Validated encryption module at the core, none of those compliance achievements would be possible!

- Irreverence and candor.
In an industry where marketing puffery and false promises run rampant, SafeLogic embraces the importance of being blunt and candid when collaborating with partners. In the past, we've seen poor communication and mis-aligned incentives lead to FIPS consultants letting their partners walk right into traps like revalidation triggered by routine vulnerability patching, putting the vendor on the sidelines for 12-18 months while the consultant pads their scope and billing. We keep our efforts focused and tell it like it is - not what vendors hope to be true.