News Releases2 min read

Carbon Black Cryptographic Module Awarded FIPS 140-2 Validation by the National Institute of Standards and Technology (NIST)

WALTHAM, Mass – March 8, 2018 —  Carbon Black, a leader in next-generation endpoint security, today announced that Federal Information Processing Standard (FIPS) 140-2 validation #3107 has been awarded to the Carbon Black Cryptographic Module by the National Institute of Standards and Technology (NIST).

The validation allows products that include the Carbon Black Cryptographic Module, such as CB Response and CB Protection, to be deployed by federal agencies, including contracted service providers and other organizations requiring stringent security standards to protect sensitive information.

“In an effort to align with the U.S. Federal government’s NIST Risk Framework, we are excited to announce our FIPS 140-2 validation from NIST. This is a key milestone for Carbon Black,” said Damon Cabanillas, vice president of federal sales. “As a result, we can further serve customers in markets subject to strict regulation that demand superior levels of validated encryption. At Carbon Black, our vision is to create a world safe from cyberattacks, and this validation demonstrates Carbon Black’s continued commitment to helping our customers create a resilient and compliant cybersecurity program capable of stopping even the most advanced nation-state adversaries.”

The Cryptographic Module Validation Program (CMVP), which administers FIPS 140-2 validations, is operated jointly by NIST and their Canadian counterpart, Communications Security Establishment. The CMVP issued certificate #3107 after the Carbon Black Cryptographic Module was tested by an independent lab and confirmed to meet the federal benchmark.

The U.S. federal government is required to restrict technology procurement to products that use FIPS 140-2 validated encryption. If it has not been validated, it is deemed to be the functional equivalent of plaintext. In this case, the Carbon Black Cryptographic Module delivers core cryptographic functions (including Suite B algorithms) to CB Response and CB Protection including secure key management, data integrity, data at rest encryption, and secure communications.

“Carbon Black’s focus on delivering cutting edge solutions within regulated industries is impressive,” said SafeLogic CEO Ray Potter. “We’re proud to be part of that push, accelerating the deployment of validated encryption within the Carbon Black product line.”

Additional Resources

Webinar: Moving Endpoint Security to the Cloud: Replacing Traditional Antivirus
Follow @CarbonBlack_Inc on Twitter
Read Carbon Black’s blog

 About Carbon Black

Carbon Black is a leading provider of next-generation endpoint security. Carbon Black serves more than 3,700 customers globally, including 30 of the Fortune 100. As a cybersecurity innovator, Carbon Black has a strong heritage of innovative technology leadership in multiple endpoint security categories, including application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV). Leveraging its newly introduced big data and analytics cloud platform – the CB Predictive Security Cloud – Carbon Black solutions enable customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise, or as a managed service, customers use Carbon Black solutions to lock down critical systems, hunt threats, and replace legacy antivirus. For more information, please visit or follow us on Twitter at @CarbonBlack_Inc.

Carbon Black and Predictive Security Cloud are registered trademarks or trademarks of Carbon Black, Inc. in the United States and other jurisdictions.