stackArmor - A Tyto Athene Company Logo
Schedule ATO Acceleration Briefing

Tag: fedramp

Navigating a JAB Provisional ATO (P-ATO)

Pen resting on a blank blue notepad on a wooden surface.

Achieving a FedRAMP Authority to Operate (ATO) is a mandatory requirement for cloud service offerings (CSOs) that hold federal data. If you have software (or infrastructure or a platform) that is offered as-a-service and government agencies are your target customers, your cloud offering will be required to obtain and maintain a FedRAMP P-ATO. An ATO […]

Streamlining Federal Cybersecurity Requirements [Federal News Network]

Logo of Federal News Network with stylized red and blue graphic.

With updates such as the latest revision to the National Institute of Standards and Technology Special Publication 800-53, navigating CMMC, FedRAMP, SP-800-171, and FISMA is more important than ever. Martin Rieger, the Chief Solutions Officer at stackArmor, joined Federal News Network to discuss the mistakes companies often make in tackling this process, what introduced changes […]

Keeping Up with FedRAMP: Baseline Updates, Inaugural Members of the FSCAC, and More

A padlock resting on a computer keyboard symbolizing cybersecurity.

In the words of Winston Churchill, “To improve is to change; to be perfect is to change often.” While it’s likely that collectively as business owners, policy drivers, and industry experts, we will never absolutely perfect the task of shielding government organizations and federal agencies from experiencing some sort of cyber vulnerability, we can certainly […]

It’s Official – FedRAMP has moved to Rev. 5

Wooden blocks with a checkmark and a courthouse model on a blue background.

  As of May 30, 2023, FedRAMP has officially approved and adopted the new Rev. 5 baselines – aligning with the National Institute of Standards and Technology Special Publication 800-53 (NIST 800-53) Rev. 5 baselines that went into effect in September of 2021. Cloud Service Providers (CSPs) with existing authorizations, those who are mid-process, and […]

Ramping Up: FedRAMP 300! A Quick Look at FedRAMP’s Journey

FedRAMP journey illustration with shield and White House.

It has been a decade-plus since the Office of Management and Budget introduced FedRAMP (Federal Risk and Authorization Management Program) to support the government’s adoption of secure cloud services. In fact, FedRAMP just hit its 300th ATO!

What is FedRAMP Compliance? Understand the FedRAMP Certification and Compliance Process

Close-up of a dark blue digital interface with text and a cursor.

What is FedRAMP P-ATO? FedRAMP Compliance and Certification Steps Explained The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that promotes the adoption of secure commercial cloud services across the federal government. The FedRAMP program streamlines the acquisition of cloud services by providing a standardized approach to security assessment, authorization, and […]

Lowering FedRAMP, CMMC 2.0 and StateRAMP Compliance Costs with ThreatAlert® Zero trust Security Platform

FedRAMP ATOs security platform promotion banner.

Lowering FedRAMP, CMMC 2.0 and StateRAMP Compliance Costs is critical for Organizations operating in highly regulated markets with public sector and government clients. Meeting complex NIST 800-53 security control requirements and generating a FedRAMP, StateRAMP, or CMMC 2.0 compliance package are critical requirements. FedRAMP compliance costs can be prohibitive due to the need for R&D, […]

DoD Cloud Authorization To Operate (ATO) and Impact Levels (IL2, IL4, IL5, IL6) Explained

Colorful light streams flowing upward like a glowing digital flower.

Updated 5/24/2025 with transition of the DOD Cloud Computing Security Requirements Guide (SRG) from NIST SP 800-53 Rev 4 to Rev 5. US Government and Department of Defense agencies are continuing to modernize and transform operations using modern commercial cloud computing services. A recent report on the Federal Cloud Computing Market predicts that demand for […]

FedRAMP Marketplace Outlook for 2023

Digital artwork featuring the year 2023 with a dark blue geometric background.

Happy new year! US Federal Agencies are expected to spend nearly $19B on cloud services by 2024. In order to participate in the Federal and DOD marketplace, a key requirement for commercial cloud solution providers is the ability to obtain and maintain FedRAMP certification. The FedRAMP program is expected to continue to grow given the […]

Achieving FedRAMP and DOD IL-4 ATOs – Lessons Learned & Much More

Promotional banner for a DOD Impact Level 4 webinar featuring Mark Willis.

If you are an ISV or SaaS solutions provider looking to pursue US DOD and FedRAMP accreditations then please join our webinar discussion on DOD Impact Level 4 ATO and Lessons Learned The U.S. Department of Defense (DoD) has unique information protection requirements that extend beyond those established by the Federal Risk and Authorization Management Program (FedRAMP). […]

FedRAMP Releases Updates to ATO Requirements based on NIST SP 800-53 Rev 5 for Public Review

Cloud COE process and collaboration steps diagram.

The FedRAMP Program Management Office (PMO) at the General Services Administration (GSA) released the updated controls baselines based on NIST SP 800-53 Rev 5. The FedRAMP Security Assessment Framework (SAF) is based on the National Institute of Standards and Technology’s (NIST) Special Publication [SP] 800-53 Rev 4. FedRAMP is expected to migrate to NIST SP […]

Understanding FIPS 140-2 Requirements for Achieving FedRAMP Compliance

FIPS 140-2 Cryptography certification logo.

ISV’s and SaaS providers looking to obtain FedRAMP accreditation must comply with FIPS 140-2 encryption standards. The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordinate the requirements and standards for cryptography modules that include both hardware and software components. It is critical to protect a cryptographic module within […]