How Acunetix 360 approaches to FIPS
Acunetix 360 is compatible with the Federal Information Processing Standards (FIPS) 140-2. Acunetix 360 can function on a machine where FIPS policy is enabled without throwing any errors.
What is FIPS?
- FIPS 140-2 is a US government standard that specifies the basic security standards for cryptographic modules in IT devices. The confidentiality and integrity of the information protected by this module require the module's protection.
- So, all federal agencies as well as their contractors and service providers, including networking and cloud service providers, need to comply with this standard.
- Beyond the federal agencies, this standard has become the de-facto norm for encryption and is widely acknowledged as a critical security standard.
Configuring Acunetix 360 for FIPS
Acunetix 360 can function on a machine where FIPS policy is enabled without throwing any errors. This means if the FIPS policy is enabled on a machine that runs or installs Acunetix 360, that policy does not interfere with the running state of the software. Additionally, no error event log entries are recorded.
Acunetix 360 does not have FIPS certification or verification. |
The following table shows which Acunetix 360 application is compatible with the FIPS-policy-enabled environment.
Environment | Application | Status |
Windows OS | Acunetix 360 Web Application | Compatible |
Windows OS | Acunetix 360 Agent | Compatible |
Linux OS, Native | Acunetix 360 Agent | Incompatible |
Linux OS, via Container | Acunetix 360 Agent | Compatible. |
Configuring Acunetix 360 agent on Linux OS
To continue using the Acunetix 360 scanning agent on Linux operating systems, you need to use the Dockerization version of the agent.
For further information, see Installing a Scan Agent via Dockerization.