Press Release Details


Zscaler Security Cloud Receives FIPS 140-2 Validation for Encryption

Apr 11, 2018 7:33 PM EDT

NIST Issued Certificates #3154 and #3159to Zscaler after Completion of the FIPS 140-2 Testing Process.

SAN JOSE, Calif.--(BUSINESS WIRE)--Apr. 11, 2018-- Zscaler, Inc. (NASDAQ: ZS), an industry leader in cloud security, is proud to announce the immediate availability of FIPS 140-2 validated encryption within Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA), including the Zscaler application (Z-App). FIPS 140-2 is the U.S. government standard used to ensure that cryptographic modules meet the necessary security levels for confidentiality and integrity of Sensitive but Unclassified (SBU) information.

Zscaler now meets the FIPS 140-2 standard and is eligible to be procured by U.S. federal agencies, including the Department of Defense. Other regulated industries such as utilities, finance, and healthcare have also adopted the FIPS 140-2 standard as a requirement.

“FIPS 140-2 validation was the logical next step for us in the process of achieving our FedRAMP Certification,” says Stephen Kovac, Vice President of Global Government and Compliance at Zscaler. “It shows Zscaler’s continued commitment to build our security cloud to meet the stringent and evolving public sector security regulations.”

Zscaler has partnered with SafeLogic to provide FIPS compliant crypto libraries which have been incorporated into the Zscaler™ cloud security platform.

“Our team is very proud to support Zscaler’s efforts,” added Ray Potter, CEO of SafeLogic. “By working together, we were able to accelerate Zscaler’s FIPS 140-2 validation, completing a significant building block in their compliance strategy and raising the bar for the cryptography in both public and private sector deployments.”

Recently, Zscaler announced it had achieved SOC II Type 2 certification, and Zscaler is currently “In Progress” for FedRAMP Certification.

About the FIPS 140-2 Validation Process

The FIPS 140-2 validations were granted after an independently accredited lab put the Zscaler encryption modules through a series of tests. After proving conformance with the FIPS 140-2 standard, the modules’ test reports were sent to CMVP, the Cryptographic Module Validation Program, operated by the United States National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE) of Canada. Their joint office confirmed compliance and issued certificates #3154 and #3159 to the Zscaler Mobile Cryptographic Module and Zscaler Crypto Module, respectively.

This press release contains express and implied forward-looking statements that involve risks and uncertainties, including statements regarding the industry in which Zscaler operates and Zscaler’s competitive differentiation, including various certifications. These forward-looking statements are not historical facts and instead are based on Zscaler’s current expectations, estimates, opinions, and beliefs. Consequently, you should not rely on these forward-looking statements. The accuracy of such forward-looking statements depends upon future events and involves risks, uncertainties, and other factors beyond Zscaler’s control that may cause these statements to be inaccurate and cause its actual results, performance or achievements to differ materially and adversely from those anticipated or implied by such statements, and other risks detailed in its filings with the SEC. Zscaler’s SEC filings are available on the Investor Relations section of the company’s website at and on the SEC's website at These forward-looking statements speak only as of the date of this press release and, except as required by law, we assume no obligation to update forward-looking statements to reflect actual results or subsequent events or circumstances.

About Zscaler

Zscaler (Nasdaq: ZS) enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, ZIA and ZPA, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates a multi-tenant, distributed cloud security platform that protects thousands of customers from cyberattacks and data loss. Learn more at or follow us on Twitter @zscaler.

Zscaler™, SHIFT™, ZIA™, ZPA™, Direct-to-cloud™ and The internet is the New Corporate Network™ are trademarks or registered trademarks of Zscaler, Inc. in the United States and/or other countries. All other trademarks are the property of their respective owners.

About SafeLogic

SafeLogic provides innovative encryption products for applications in mobile, server, appliance, wearable, and other constrained environments. Our flagship product, CryptoComply™, provides drop-in FIPS 140-2 compliance with a common API across platforms, while our RapidCert process has revolutionized the way that certificates are earned. SafeLogic’s customers include many of the most influential and innovative companies in technology. SafeLogic is privately held and is headquartered in Palo Alto, CA. For more information about SafeLogic, please visit

Source: Zscaler, Inc.

Whitney Glockner Black, 650-260-4616
Director of Communications
Walter Paley, 949-257-2539
Director of Marketing

lnk Contact IR

Contact IR

Sign up for Email Alerts

to receive Company Updates