Virtru Has Revealed a Groundbreaking Achievement by Announcing the First Ever FIPS 140-2 Validated JavaScript Cryptographic Module

The recognised leader in data-centric security and privacy, Virtru, today announced it achieved FIPS 140-2 validation for its JavaScript cryptographic library, the first to be certified by NIST. The newly validated module makes it faster and easier to build and maintain web-native, FIPS 140-2 validated JavaScript solutions.

This critical milestone further demonstrates Virtru’s long-standing innovation in serving both government and commercial customers, including those operating in the Defense Industrial Base who must comply with stringent data privacy regulations inherent in CMMC 2.0, ITAR, and CJIS. International guidance for regulations like GDPR also recommends implementing encryption in accordance with FIPS 140-2.

“We will integrate the Virtru JavaScript Cryptographic Module into our JavaScript SDK, which is leveraged by all of our browser-based products, including Virtru for Gmail, Outlook 365, Secure Reader, and Secure Share,” said Dana Morris, Virtru’s Senior Vice President of Engineering. “Integration of the module brings opportunity for new innovations, reduces the attack vector for our cryptographic implementations, and increases control across all of our solutions.”

Beyond Virtru, software developers in every industry are building secure web apps and, increasingly, Progressive Web Apps (PWAs) that deliver a seamless, cross-platform user experience without requiring users to download and install native applications. For web apps and PWAs with strict data security requirements, their developers will soon have the opportunity to use the FIPS 140-2 validated cryptography library in the Virtru platform.

“Cyber leaders and software developers everywhere, and especially those operating in the Federal market, are seeking solutions that make it easy to comply with data-centric regulations and align with FIPS 140-2 security requirements,” said Will Ackerly, Co-founder, and CTO at Virtru. “Our end-to-end encryption products have long been aligned with FIPS 140-2 security requirements, and now we are integrating this native library into our platform, which means that anyone building on top of the Virtru stack can benefit.”

For organisations interested in licensing Virtru’s FIPS 140-2 validated JavaScript cryptography module, please visit Virtru’s website.

The evaluation was conducted by EWA Canada, an independent cryptographic module testing laboratory accredited by the Cryptographic Module Validation Program (CMVP) under the National Voluntary Laboratory Accreditation Program (NVLAP). The CMVP is a joint effort between the National Institute of Standards and Technology (NIST) under the Department of Commerce and the Canadian Centre for Cyber Security, a branch of the Communications Security Establishment. For more information, see Virtru’s FIPS 140-2 validation certificate (#4440) on the NIST website.