U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #3812

Details

Module Name
Palo Alto Networks Cortex XSOAR Module
Standard
FIPS 140-2
Status
Active
Sunset Date
2/4/2026
Validation Dates
02/05/2021
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Cortex™ XSOAR by Palo Alto Networks is a comprehensive security orchestration, automation and response (SOAR) platform that unifies case management, automation, real-time collaboration and threat intel management to serve security teams across the incident lifecycle.
Tested Configuration(s)
  • CentOS 7.7 on Vmware ESXi 6.5 running on Dell R730 Server with Intel Xeon E5 with PAA
  • CentOS 7.7 on Vmware ESXi 6.5 running on Dell R730 Server with Intel Xeon E5 without PAA (single-user mode)
  • Red Hat 7.7 on Vmware ESXi 6.5 running on Dell R730 Server with Intel Xeon E5 with PAA
  • Red Hat 7.7 on Vmware ESXi 6.5 running on Dell R730 Server with Intel Xeon E5 without PAA
FIPS Algorithms
AES Cert. #C1750
DRBG Cert. #C1750
ECDSA Cert. #C1750
HMAC Cert. #C1750
KTS AES Cert. #C1750; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Cert. #C1750
SHS Cert. #C1750
Triple-DES Cert. #C1750
Allowed Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
1.0

Vendor

Palo Alto Networks
3000 Tannery Way
Santa Clara, CA 95054
USA

Jake Bajic
certifications@paloaltonetworks.com
Phone: 408-753-4000
Quang Trinh
qtrinh@paloaltonetworks.com
Phone: 408-753-4000

Lab

GOSSAMER SECURITY SOLUTIONS INC
NVLAP Code: 200997-0