Reimagining RMF ATOs: stackArmor’s Compliance-as-Code 20x
We at stackArmor have taken to heart the recent calls to “Blow up the Risk Management Framework (RMF)” and take the compliance drama head-on. ATOs are in the news almost daily, often associated with high costs and long approval cycles with questionable outcomes. As we’re all about to light the RMF on fire and re-imagine […]
Accelerating FedRAMP High ATOs to Address Fast Growing Federal Demand
Federal and Defense agencies are increasingly encouraged to buy the best of breed commercial solutions. Commercial Software-as-a-Service (SaaS) Cloud Service Providers (CSPs) or Independent Software Vendors (ISVs) looking to meet this growing demand must meet the Federal Risk and Authorization Management Program (FedRAMP®) cybersecurity requirements. FedRAMP provides a standardized, reusable approach to security assessment […]
GSA Small Business Office and FedRAMP PMO looking for Small Business Cloud Solutions
General Services Administration (GSA), Office of Small and Disadvantaged Business Utilization (OSDBU) and The FedRAMP PMO are hosting a webinar on March 21, 2024 to provide guidance to small business CSPs in becoming FedRAMP authorized. Small businesses are encouraged to attend and register for this free event. The topics that will be covered include: Gain […]
Accelerating FedRAMP ATOs: OMB Memo
The Office of Management and Budget (OMB) released a Draft Memorandum for Modernizing the Federal Risk and Authorization Management Program (FedRAMP) on Friday, Oct 27, 2023. FedRAMP was codified in 2022 when Congress passed the FedRAMP Authorization Act (“Act”). The Act established FedRAMP within the General Services Administration (GSA) and created a FedRAMP Board to […]
Ramping Up: FedRAMP 300! A Quick Look at FedRAMP’s Journey
It has been a decade-plus since the Office of Management and Budget introduced FedRAMP (Federal Risk and Authorization Management Program) to support the government’s adoption of secure cloud services. In fact, FedRAMP just hit its 300th ATO!
How to get FedRAMP Moderate Certified? FedRAMP Compliance and FedRAMP Marketplace Listing Explained
How to get FedRAMP Moderate Certified? FedRAMP Compliance and FedRAMP Marketplace Listing Explained
What is FedRAMP High P-ATO? FedRAMP High Compliance and Certification Explained
FedRAMP High authorizations are required for commercial cloud services that must satisfy federal mission requirements with highly sensitive data.
Accelerate FedRAMP Compliance with Amazon Web Services (AWS)
FedRAMP (Federal Risk and Authorization Management Program) is a government-wide program that streamlines the assessment, authorization and continuous-monitoring (ConMon) requirements for cloud-based IT services. It is how the federal government ensures that its cloud IT services do not put sensitive data or systems at unnecessary risk. Bottom line, Cloud Service Providers (CSPs) wanting to serve […]
What is the FedRAMP Marketplace? Certified and Compliant Cloud Services
The FedRAMP Marketplace provides a searchable and sortable database of Cloud Service Providers (CSP) that have FedRAMP compliant services as well as a list of federal agencies using FedRAMP Authorized CSOs, and FedRAMP recognized auditors (3PAOs) that can perform a FedRAMP assessment. The FedRAMP Marketplace is maintained by the FedRAMP Program Management Office (PMO). The […]
FedRAMP ATO: Time to Compliance and Authorization
Understanding FedRAMP time to compliance is one of the first questions ISVs and SaaS companies looking to work with US Government agencies. Typical timelines can vary between 6 months to 24 months depending on the quality of preparation, agency backlog and complexity of the system. However, answering this question “how much time will it […]
How much does it cost to get FedRAMP compliant and obtain an ATO?
Commercial organizations looking to sell cloud-based solutions to Federal agencies must comply with FedRAMP security requirements.