SoftIron’s proven SingularIT™ technology is in use in highly sensitive environments across the United States, Australia, and other NATO countries. It operates in accordance with the Australian Government’s Defence Security Principle Framework (DSPF) and Information Security Manual (ISM), and has been designed to work with Five Eyes nations, the NATO Federated Mission network, as well as other secure frameworks.
SingularIT™ is built on a software foundation designed and developed for FISMA Systems at the “High” level, including equivalent evaluations such as FedRAMP High and DoD SRG IL-5. In addition, the technology’s internal cryptographic modules are compatible with FIPS-140 and FIPS-203.
Principles
For almost a decade, SoftIron has been a trusted vendor to government and defense organizations, and the principles at the foundation of our business are the same principles that security partnerships like AUKUS and the Quad use to control and design critical technologies.
These include:
- Technology vendors should be secure, trustworthy and transparent
- Technology supply chains should be resilient, secure and diverse
- Technology and the standards that govern it must enhance the dignity and privacy of individuals, and not be used for coercive or un-democratic ends
SoftIron is uniquely positioned to meet the cloud and digital transformation needs of AUKUS, the Quad, and allied partners due to its secure, “zero trust” design principles that include validated provenance of both the software and hardware components.
Featured Standards
FISMA High Compliance
The Federal Information Security Management Act (FISMA) is a United States federal law that was enacted in 2002 to strengthen information security systems and protect government information and operations. It is one of the most important regulations for U.S. federal data security standards and guidelines.
FISMA High is the highest level of compliance and provides the strictest level of controls to ensure protection of critical or sensitive data, compromise of which would have a severe or catastrophic effect.
SingularIT™ has been designed to meet FISMA High compliance standards and is already used in the Executive and Legislative branches of the U.S. federal government, in the DoD, and by contractors and other organizations that support them.
FedRAMP High
FedRAMP is the Federal Risk and Authorization Management Program. It was developed in 2011 to support the United States’ “cloud-first” mandate and to give guidance for security in the cloud.
FedRAMP High impact level is the standard for security necessary to protect some of the U.S. federal government’s most sensitive unclassified data.
SingularIT™ has been evaluated at FedRAMP High.
DoD SRG IL-5
SingularIT™ has been accredited to DoD SRG IL-5. IL-5 information covers controlled unclassified information across a number of sectors including defense, critical infrastructure, finance, law enforcement, intelligence, and others.
IL-5 also covers NIST-defined national security systems (NSS), and can provide services to any agency involved in intelligence activities, cryptologic activities related to national security, command and control of military forces, or weapons systems.
FIPS 140, 203
Validation against FIPS 140 is required for all U.S. federal government agencies using cryptography-based security systems (whether hardware, firmware, software, or a combination) to protect sensitive but unclassified digital information. With the addition of FIPS 203 support, SoftIron’s products are prepared for the post-quantum era, ensuring resilience against emerging quantum threats while maintaining compliance with today’s rigorous standards.
SoftIron maintains an active commitment to meeting the FIPS 140 & 203 requirements.
Common Vulnerabilities and Exposures (CVE)
SoftIron actively participates in the Common Vulnerabilities and Exposures (CVE) program, contributing to a global effort to identify and address cybersecurity vulnerabilities. SoftIron is committed to rapid detection, assessment, and remediation of vulnerabilities to strengthen its own defenses and those of its customers.
SoftIron is a CVE Numbering Authority (CNA).
Cyber Essentials
SoftIron is a proud member of Cyber Essentials, a UK government–backed initiative aimed at enhancing cybersecurity measures. By adhering to Cyber Essentials’ guidelines, SoftIron provides assurance to customers, particularly those in government sectors, of its commitment to best security practices.