July 2018
Intermediate to advanced
356 pages
9h 18m
English
Content preview from Hands-On Security in DevOps
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Federal Information Processing Standards (FIPS)
The FIPS mainly defines minimum security requirements for the use of cryptographic modules. Every organization that is not going to get a FIPS certificate should also refer to it. It's highly recommended that you refer to Security Requirements for Cryptographic Modules to understand what cryptographic modules may be considered safe, legacy, or weak.
For developers who would like to learn how to implement cryptographic modules correctly, the following resources are recommended.
- OWASP Cryptographic Storage Cheat Sheet.
- OWASP Guide to Cryptography
- OWASP Key Management Cheat Sheet
Here is a summary of the minimum security requirements for each cryptography algorithm and its usage:
|
Usage ... |