STIG Compliant Go Backend

If the opportunity arises, I would like to use Go as the language for a new project in the defense industry. This means I would need to be able to make the product compliant with the Application Security & Development STIG. To lay some of that groundwork before I need it, this is the first in a series of articles discussing getting over the major hurdles on building a Go application that could be put on a defense network.

HAproxy and FIPS 140-2

FIPS 140-2 is a government security standard used to approve cryptographic modules. It’s important to recognize that just because you’re using an algorithm that is valid, unless the module itself (i.e. binary or source code) has been evaluated under the FIPS 140-2 standard, then you’re not compliant with the standard. Thankfully OpenSSL provides an open source FIPS 140-2 compliant module, that if built and used precisely per their instructions is compliant.

TensorFlow and Iris

I ran across pandas and though it would work pretty well while I was exploring TensorFlow. It already has a lot of data reading/manipulation functionality that I was going to need to write anyway. import csv import tensorflow as tf import random import pandas as pd import numpy as np import matplotlib.pyplot as plt %matplotlib inline Initially pandas makes reading from the Iris CSV file trivial. I also like the nice tabular output in iPython.