Important News:SafeLogic's CryptoComply Achieves FIPS 140-3 Validation and Receives FIPS 140-3 certificate #4781! Read the blog post!
Still Using OpenSSL 1.0.2 or 1.1.1?
SafeLogic Can Help
Many organizations have not yet upgraded from OpenSSL 1.0.2 or 1.1.1 for a variety of reasons. These may include legacy compatibility and that version’s support for FIPS mode. For instance, compliance initiatives that depend on OpenSSL 1.0.2 or 1.1.1 like FIPS 140 validation, FedRAMP ATOs, Common Criteria certification, or UC/DoDIN Approved Product Listing, may have prevented your organization from upgrading to a newer version.
If you are in this situation, then you likely know that OpenSSL 1.0.2 has been in ‘End of Life’ (EOL) status since 12/31/2019. OpenSSL 1.1.1 goes EOL on 9/11/2023. That means that without extended support, your organization has not or will not be getting important things like bug fixes or security updates.
SafeLogic Provides OpenSSL 1.0.2 and 1.1.1 Premium Extended Support!
SafeLogic's OpenSSL 1.0.2 and OpenSSL 1.1.1 Premium Extended Support ensures that you get the necessary OpenSSL 1.0.2 or 1.1.1 patches as they become available. SafeLogic will also provide any additional assistance you may require related to your use of OpenSSL 1.0.2 or 1.1.1. This commercial-grade service is provided by SafeLogic’s professional internal support team in accordance with strict SLAs, because we know that your company’s business depends on our responsiveness.
Benefits of SafeLogic’s OpenSSL 1.0.2 and 1.1.1 Premium Extended Support include:
- Commercial-grade support coverage with strict SLAs
- Stay up to date with bug fixes and security patches
- Dramatic reduction of exposure to revenue losses and vulnerability risks
- Satisfy requirements to remain in compliance with certifications
If you hold any existing FIPS 140 validations based on modules deployed within OpenSSL 1.0.2 or 1.1.1, they will be affected by the EOL and will need patches to be provided by SafeLogic’s Premium Extended Support. Otherwise, vulnerability scanners may flag your solution as being unsupported. Government CIOs have been very vocal, cautioning federal agencies about deploying unsupported and unpatched software that has become obsolete, and you can bet that malicious actors are already exploiting unpatched software.
Instead, an OpenSSL 1.0.2 or 1.1.1 Premium Extended Support contract with SafeLogic will ensure that your OpenSSL 1.0.2 or 1.1.1 implementation is always updated with the latest patches and meets even the most stringent of requirements.