CIQ RLC Pro: NIST-Certified Post-Quantum Linux

CIQ has delivered the first Enterprise Linux platform, RLC Pro, to ship with five active NIST cryptographic certificates, 5200, 5117, 5116, 5113, and 5095, which will significantly ease compliance for organizations selling to the US Federal Government. This pre-installed, validated cryptography addresses an upcoming deadline; as of September 21, 2026, all FIPS 140-2 certificates will become “Historical” under NIST rules, immediately disqualifying systems using them from new federal procurement bids. CIQ emphasizes that simply enabling FIPS Mode is insufficient, stating that federal auditors and third-party assessors will not close the cryptographic compliance requirement without an active certificate issued by the National Institute of Standards and Technology. By offering a platform with these certificates pre-validated and ready for audit, CIQ aims to reduce manual hardening time from over 40 hours to under 30 minutes per system.

Rocky Linux Achieves First Validated Cryptography & Post-Quantum Readiness

Rocky Linux, with CIQ’s support, is the first commercial Enterprise Linux platform to ship with federally validated cryptography and post-quantum readiness integrated directly into the operating system. This addresses a critical convergence of federal compliance deadlines impacting organizations reliant on secure infrastructure. Beyond the immediate FIPS 140-2 transition, organizations face escalating compliance requirements, including the Cybersecurity Maturity Model Certification (CMMC) Phase 1 for Department of Defense contractors and the adoption of quantum-resistant algorithms for national security systems by January 2027.

CIQ addresses these overlapping mandates with a single platform, streamlining compliance efforts and reducing the burden on IT departments. Peter Nelson, chief technology officer at CIQ, said that defense contractors, financial institutions, and healthcare organizations face four federal compliance deadlines within seven months of each other, and most of them run Enterprise Linux infrastructure that will not pass a single one. CIQ built one stack so customers do not have to; the OS ships validated, hardening takes effect at build time, and audit evidence exists before the assessor requests it. CIQ’s NSS module is the first Enterprise Linux module to achieve CAVP certification for ML-KEM and ML-DSA, the post-quantum algorithms finalized by NIST in 2024, positioning RLC Pro for continued security leadership.

The convergence of federal compliance deadlines creates a complex challenge for organizations relying on Enterprise Linux infrastructure, particularly as cryptographic standards rapidly evolve. Organizations presenting only a configuration setting will now receive an automatic audit finding, underscoring stricter enforcement of these regulations. This is not a gradual phase-out, but a hard cutoff impacting any entity selling to the US Federal Government, with certificates 5200, 5117, 5116, 5113 and 5095 pre-installed.

Ascender Pro Automates 800-171 Audit Evidence & Kernel Integrity

CIQ’s Ascender Pro platform is designed to alleviate the growing burden of compliance audits for organizations operating within heavily regulated sectors, automating the collection of evidence required for 800-171 assessments and continuously monitoring system integrity. Ascender Pro integrates seamlessly with RLC Pro and RLC Pro Hardened, managing both Linux and Windows environments from a single interface. This centralized approach allows for the execution of security hardening workflows, verification of cryptographic compliance, and automated patch application, all while simultaneously gathering the necessary documentation for audits. The platform incorporates Linux Kernel Runtime Guard (LKRG), which provides continuous monitoring of kernel integrity, detecting and blocking potential exploitation attempts with minimal performance impact.