Talos Linux now offers FIPS 140-3 compliant builds

Talos Linux is already the smallest, most secure Kubernetes OS available, with <50 binaries and a demonstrably low number of CVEs. Now, we’re adding something new for teams operating in highly regulated environments: FIPS-compliant builds for Talos Linux.

The Federal Information Processing Standards, or FIPS, are standards developed by the National Institute of Standards and Technology (NIST) and mandated by the US government to ensure cybersecurity for organizations handling sensitive but unclassified information (SBU).

Talos Linux is our immutable, inherently secure Linux distribution purpose-built for Kubernetes, designed to work across bare metal, data center, edge, and cloud. With this release, organizations will be able to utilize a FIPS-compliant OS for Kubernetes wherever they deploy, including air-gapped, on-premises, or cloud environments.

The entire Sidero software stack can be self-hosted, including the Image Factory for building custom Talos images and Omni for managing multiple Kubernetes clusters and machines. In the coming months, all of these products will also offer FIPS 140-3 compliant options.

This represents a major milestone for organizations in relevant industries, as they will be able to benefit from the inherent security and immutability of our products while also maintaining compliance. Find more information about the security of our products–including SELinux, SBOMs, out-of-the-box Trusted Boot, and more–here.

If you’re building in a regulated or sensitive environment and need a secure OS that meets compliance requirements, get in touch.