Important News:SafeLogic Announces CryptoComply Go v4.0 with Comprehensive PQC Capabilities!! Read the announcement.

Request Consultation
Request Consultation

CryptoComply Cryptography Software

Key Capabilities

Entropy

Extended Support

FIPS 140

Cryptography Compliance

Post-Quantum Cryptography

Industries

2025 Year in Review: FIPS 140-3, Post-Quantum Readiness, & Crypto-Agility

January 7, 2026 Evgeny Gervis

2025-year-in-review-fips-140-3-post-quantum-readiness-and-crypto-agility

2025 was another transformational year in the world of cryptography.

For regulated sectors requiring FIPS 140-validated cryptography (e.g., all public-sector solutions), the transition from FIPS 140-2 to FIPS 140-3 took center stage amid the looming FIPS 140-2 sunset deadline in September 2026.

In addition, more stringent entropy requirements from NIST affected cryptography used in products subject to Common Criteria certification—requirements that will soon impact all cryptography that needs to go through FIPS 140 validation.

More broadly, the pace of the transition to  Post Quantum Cryptography (PQC) has accelerated significantly with technology, financial services, and the public sector industries leading the way.

The PQC transition, coupled with the recognition that future cryptographic transitions will no doubt be necessary, acted as a catalyst for crypto-agility—the ability to govern and control which cryptography an organization uses without significant refactoring.

SafeLogic Leadership in Cryptography

Given these tectonic shifts in the world of cryptography, here at SafeLogic, we continued to make our mark on the cryptographic software industry, helping organizations raise the bar and simplify their cryptographic posture management.

Our thought leadership efforts included:

  • Continuing to serve as lead on NIST’s PQC Migration Discovery Risk Management and Prioritization work stream
  • Contributing to IETF PQC-related standardization efforts
  • Participating in industry collaboration to develop common APIs for crypto-agility
  • Presentations at key industry conferences, including NIST’s 6th PQC standardization conference, International Cryptographic Module Conference (ICMC), and the OpenSSL conference

Future-Proofing Cryptography Through Four Foundational Pillars

We also focused on ensuring that SafeLogic’s cryptographic software subscriptions can effectively future-proof our customers for the changes in the world of cryptography, both now and in the future.

The four aforementioned significant change areas now form the four key pillars of SafeLogic’s focus, which together ensure that our customers can achieve simplified cryptographic posture management, now and into the future.

SafeLogic-Cryptography-Product-Pillars

FIPS 140-3 Validated Software

On the FIPS 140-3 Validated Software pillar, all of SafeLogic’s major cryptographic products have achieved full FIPS 140-3 validation from the NIST CMVP, and we spent most of 2025 working with our customers to upgrade to FIPS 140-3.

At a time when NIST CMVP queues remain long, SafeLogic leverages RapidCert offering to get its customers their own FIPS 140 certificates in weeks rather than years, and its MaintainCert offering to keep its customers' software and certification FIPS 140-validated for years to come.

Post-Quantum Cryptography

On Post-Quantum Cryptography pillar, SafeLogic rolled out PQC capabilities in almost all of its cryptographic products, including CryptoComply Core v3.5, CryptoComply Mobile v3.5, CryptoComply Java v4, and CryptoComply Go v4, where SafeLogic is the very first organization to offer comprehensive PQC support to Go developers. In addition to pure PQC, we have also added support for hybrid mode.

SafeLogic also did much to help organizations get the PQC migration started, becoming increasingly quantum-resistant over time. For instance, SafeLogic demonstrated how organizations can easily upgrade their quantum-vulnerable TLS connections to become quantum-resistant in an automated, crypto-agile manner. Please see a use case for an end-to-end demonstration, from cryptographic discovery to remediation.

Entropy Software

On the Entropy Software pillar, in anticipation of NIST’s more stringent requirements for the use of NIST-validated entropy sources, SafeLogic had released CryptoComply Entropy Provider (CCEP), which has been certified across several dozen operating environments (a set that SafeLogic continues to expand). CCEP works with both SafeLogic’s cryptographic software and upstream OpenSSL implementations.

Crypto-Agility

On the Crypto-Agility pillar, we introduced initial support for policy-defined crypto-agility in a select number of SafeLogic products and use cases (e.g., TLS). Additionally, more comprehensive support for crypto-agility is on SafeLogic’s FY26 roadmap.

Further, SafeLogic has been involved in industry-wide efforts to develop common APIs to support crypto-agility in an interoperable way.

Comprehensive Cryptography Across Every Operating Environment

SafeLogic had been focused on delivering cryptographic software capabilities across all the above pillars, while also continuing to grow its catalog of cryptographic software products and support for various operating environments (OEs), while remaining API-compatible with popular open-source libraries.

SafeLogic now has the most extensive catalog of cryptographic software products on the most diverse set of OEs than any other single organization. This is important as organizations focus on enhancing their cryptographic posture management; they need to do so across heterogeneous technology stacks, programming languages, and operating environments. These organizations then turn to SafeLogic to help manage their cryptography requirements holistically, rather than stitching together multiple solutions from different sources.

Enterprise-Grade Support & Scalable Cryptographic Delivery

In addition to cryptographic software that covers their entire environment, customers also expect top-notch enterprise software support, along with seamless, continuous delivery of cryptographic software builds.

To meet these growing needs in 2025, SafeLogic expanded its enterprise software support capabilities and built world-class automation for standard and customized build creation and delivery via SafeLogic’s new customer portal.

As a result, SafeLogic can deliver a wide range of cryptographic software builds efficiently and at scale, all supported by the company’s highly regarded enterprise support team. In 2025, we found that these capabilities are key to assisting our customers with large-scale cryptographic software transformation efforts.

Bringing FIPS 140 Validation to WireGuard and Envoy

Finally, in 2025, SafeLogic added explicit support for popular use cases where FIPS 140-validated cryptography is often required. These include support for Wireguard VPN and Envoy proxy.

Looking Ahead to 2026

I consider it an honor and a privilege to be at the helm of SafeLogic during this important period of change in the world of cryptography. We always remember that strong cryptography is fundamental to security, and so our mission remains to enable digital privacy and trust in the ever-changing digital world.

The future of cryptography is no longer a distant date on a roadmap—it is the standard we successfully built and deployed throughout 2025. As a testament to this, SafeLogic’s business grew 60% this past year—for which we are extremely grateful to our customers, partners, shareholders, and, of course, our staff.

As we head into 2026, SafeLogic remains committed to ensuring that world-class, validated cryptography is accessible, crypto-agile, and ready for whatever the quantum era brings next.

The future is here. Thank you for building it with us.
Evgeny Gervis

Evgeny Gervis

Evgeny is the CEO of SafeLogic.

FIPS 140-3 Post-Quantum Cryptography (PQC) Crypto-Agility

Share This:

Back to posts

Popular Posts

Search for posts

Tags

See all