Why you need to use a FIPS 140-2 validated cryptomodule

Why you need to use a FIPS 140-2 validated cryptomodule
The OWASP ASVS includes verification requirements that prescribe the use of a FIPS 140-2 validated cryptomodule. The applicable ASVS requirement reads in part:

"V7.1: Verify that cryptographic modules used by the application have been validated against FIPS 140-2 ..."

This is an important requirement for both public and private sector applications. A validated cryptomodule is... The requirement to use a validated cryptomodule was included in the standard to ensure that...

How to find out if the cryptomodule(s) that you are using is (are) FIPS 140-2 validated
Here is how you can find out if the cryptomodule(s) that you are using is (are) FIPS 140-2 validated...

CMVP module validation lists: http://csrc.nist.gov/groups/STM/cmvp/validation.html

How to find out if the cryptomodule(s) that you are using is (are) operating in an approved or in an allowed mode
Here is how you can find out if your validated cryptomodule(s) is (are) operating in an approved or in an allowed mode...

Postscript
…

The author of this article can be reached at boberski_michael(at)bah.com

Good luck!