FIPS 140-2 compliance

Self-Managed

The Federal Information Processing Standard (FIPS) Publication 140-2, (FIPS PUB 140-2), titled "Security Requirements for Cryptographic Modules" is a U.S. government computer security standard used to approve cryptographic modules.

Elasticsearch offers a FIPS 140-2 compliant mode and as such can run in a FIPS 140-2 configured JVM.
Kibana offers a FIPS 140-2 compliant mode and as such can run in a Node.js environment configured with a FIPS 140-2 compliant OpenSSL3 provider.
Some Ingest tools, including Elastic Agent, Fleet, Filebeat, Metricbeat, and APM Server, are available as FIPS compatible binaries and can be configured to use FIPS 140-2 compliant cryptography.

Note

If you are running Elasticsearch through Elastic Cloud on Kubernetes, refer to ECK FIPS compatibility.