Certifications
In 2026, SSH achieved ISO 9001:2015 certification for Quality Management System.
ISO/IEC 27001:2022
In 2024, SSH achieved ISO/IEC 27001:2022 certification for Information Security Management System, further demonstrating our focus on information security and responsible operations.
The ISO/IEC 27001:2022 certification is the most widely used information security standard developed and published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
The certification demonstrates that SSH proactively manages and protects information and assets and to ensure compliance with legal requirements related to information security. The certification covers SSH's global offices in Helsinki, New York, and Singapore.
PrivX FIPS 140-3
PrivX Just-in-Time Privileged Access Management (PAM) solution was one of the first PAMs to achieve Federal Information Processing Standard (FIPS) 140-3 certification (SSH Communications Security Cryptographic Module #5020) through the Cryptographic Module Validation Program (CMVP).
The CMVP aims to ensure that validated and FIPS compliant cryptographic modules are secure and reliable for use in government and contractor applications for enhanced data protection. Working with SSH-based solutions or cryptographic libraries that are government-facing or standards-driven, aligning with FIPS 140-3 can be crucial for compliance and market acceptance.
NQX TL-III
The National Cyber Security Authority (the body responsible for approving cryptographic products in Finland) at the Finnish Communications Regulatory Authority (Ficora) has certified the SSH NQX firewall and virtual private network (VPN) appliance as a cryptographic product for protecting classified information according to Finnish national (FI) TL III security requirements.
The SSH Helsinki facilities are Katakri (Finnish national security audit criteria) certified and audited.
NATO NCI-approved supplier
SSH Communications Security is an approved supplier for NATO’s NATO Communications and Information Agency (NCI). The purpose of the NCI Agency is to protect NATO, its communications and networks against cyber threats. The registration allows SSH and its solutions to be part of NCI Agency’s competitive procurements, opening brand-new market opportunities and a wider visibility for the company.
Grants & projects
BlimPQC (also “Beyond the Limits of Post-Quantum Cryptography”) is a Finnish national research and development project focused on preparing for the era of quantum computing by advancing post-quantum cryptography (PQC). SSH leads work on PQC implementation within the project.
PROACTIF
PROACTIF is a European research & innovation project focused on robotics and unmanned systems (UxV) for civil security, critical infrastructure surveillance, and emergency/incident management. SSH’s role is to ensure that the unmanned systems being developed are secure against evolving cyber and quantum threats.
Project EPICA
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 881221.
Project PQC
SSH has several pending patents for its NQX products in relation to the implementation of high-performance firewalls and line encryption solutions. Firewall technology is rapidly changing due to new hardware and software architectures that enable faster, more flexible, and more secure processing and modern web-based user interfaces.
Project CHARM
SSH has been awarded roughly €750,000 in grant-based funding by the European Union and Business Finland for further development of the development of machine-to-machine, automation, and IIoT (Industrial Internet of Things) features of PrivX. The funding is a part of the European ECSEL Joint Undertaking established in 2014.
Analyst recognitions
Privileged Access Management Leadership Compass 2026
PrivX PAM has been recognized as a leader in the Overall, Product, and Innovation categories.
Enterprise Secrets Management Leadership Compass 2025
PrivX PAM has been recognized as a leader in the Overall, Product, and Innovation categories.
Secure Remote Access for OT/ICS Leadership Compass 2025
PrivX PAM has been recognized as a leader in all categories - Overall, Product, Market, and Innovation.
Gartner® Magic Quadrant™ for Privileged Access Management
PrivX received an honorable mention in Gartner® Magic Quadrant™ for Privileged Access in 2025.
Gartner® Magic Quadrant™ for Privileged Access Management by Abhyuday Data, Paul Mezzera, Shubham Gera, Tarun Rohilla, Michael Kelley, 13 October 2025.
Gartner Disclaimers : GARTNER is a registered trademarks and service mark, and MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
SSH PrivX: Modern approach to privileged access management
An assessment of PrivX's critical access management capabilities by Principal Advisory Director Carlos Rivera.
Decision point for industrial secure remote access
PrivX received an innovation grade of 4 out of 5.
