Request demo
Request demo
Request demo

Press release

PrivX PAM Among the First to Achieve the US FIPS 140-3 Security Certification, Opening New Market Opportunities for SSH Communications Security 

 

Helsinki, Finland, 27 June, 2025. SSH Communications Security (SSH) is proud to announce that its Just-in-Time Privileged Access Management (PAM) solution PrivX is one of the first PAMs to achieve Federal Information Processing Standard (FIPS) 140-3 certification (SSH Communications Security Cryptographic Module #5020) through the Cryptographic Module Validation Program (CMVP).

The CMVP aims to ensure that validated and FIPS compliant cryptographic modules are secure and reliable for use in government and contractor applications for enhanced data protection. Working with SSH-based solutions or cryptographic libraries that are government-facing or standards-driven, aligning with FIPS 140-3 can be crucial for compliance and market acceptance. 

 

The CMVP program is a joint effort between the US National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security. The recently published  PrivX Release 40 comes equipped with FIPS 140-3, bringing the following benefits for PrivX:   

  • Improved compliance: Industries such as government, defense, finance, and healthcare are required by law or regulation to use FIPS-validated cryptography. 
  • Tested: It’s an independent, government-recognized and highly-regarded security validation. 
  • Global reach: FIPS 140-3 is aligned with international standards (ISO/IEC 19790) and recognized beyond North America. 
  • Future-proofing: FIPS 140-3 replaces older FIPS 140-2, and only FIPS 140-3 is accepted for U.S. federal procurements or deployments soon. FIPS 140-3 also introduces enhancements, such as stricter requirements for module integrity, authentication, and protection against physical and environmental attacks. 

 

“As more and more organizations are looking to modernize their IT stack, they turn to solutions that fulfill the latest requirements, like FIPS 140-3, and are built on modern technologies. PrivX has scalable microservices architecture, is highly automated, integrates out of the box with other security systems and provides just-in-time, passwordless access to keep organizations secure and people productive. We have long been in the federal government market, and adding the FIPS 140-3 certification for PrivX PAM enables us to win new business in the North American market and beyond,“ states Rami Raulas, CEO of SSH. 

 

Learn more about PrivX Just-in-Time PAM here.

 

For further information:  

Rami Raulas, CEO, SSH, tel. +358 50 331 1741, email rami.raulas@ssh.com  

Distribution:  

Major media  

www.ssh.com 

 

About SSH

SSH is a leading defensive cybersecurity company that secures communications and access for and between humans, systems, and networks. Our customers include a diverse range of enterprises, from multiple Fortune 500 companies to SMBs across various sectors such as Finance, Retail, Industrial, Critical Infrastructure, Healthcare, and Government.

We help our customers secure their business in the hybrid cloud and distributed IT and OT infrastructures. Our biometric, passwordless, and keyless PrivX Zero Trust solutions reduce costs and complexity while quantum-safe encryption keeps critical connections future-proof. Our teams and partners in North America, Europe, and Asia ensure customer success. The company’s shares (SSH1V) are listed on Nasdaq Helsinki. www.ssh.com

 

We at SSH secure communications between systems, automated applications, and people. We strive to build future-proof and safe communications for businesses and organizations to grow safely in the digital world.

Stay on top of the latest in cybersecurity

Be the first to know about SSH’s new solutions, product updates, new features, and other SSH news!

Thanks for submitting the form.

© Copyright SSH • 2024 • Legal