Skip to main content

Blog

Focus on FedRAMP

Discover what’s happening in the FedRAMP world.

FedRAMP Announces NIST’s OSCAL 1.0.0 Release

NIST released version 1.0.0 of OSCAL . The FedRAMP PMO, in collaboration with NIST, is working to standardize authorization packages and streamline their review with a common machine-readable language, also known as the Open Security Controls Assessment Language (OSCAL). Benefits of...

Continue Reading...

An Update to FedRAMP’s Low, Moderate, and High ...

The Federal Risk and Authorization Management Program (FedRAMP) provides standardized security re...

Continue Reading...

Remote Testing of Datacenters

Cloud Service Providers (CSPs) hire Third Party Assessment Organizations (3PAOs) to perform secur...

Continue Reading...

6

May

Rev5 Transition Update

FedRAMP uses the National Institute of Standards and Technology’s (NIST) guidelines and procedure...

Continue Reading...

FedRAMP Connect Business Case Deadline Extended

The due date for FedRAMP Connect Business Cases has been extended to May 21, 2021 at 5:00 p.m. ET...

Continue Reading...

Release of FedRAMP Incident Communications Proc...

The Federal Risk and Authorization Management Program (FedRAMP) recently updated the FedRAMP Inci...

Continue Reading...

JAB Guidance on CentOS Linux End of Life

Red Hat, the parent company of Community ENTerprise Linux Operating System (CentOS), has announce...

Continue Reading...

FedRAMP Launches YouTube Channel

The FedRAMP PMO recently launched the FedRAMP YouTube channel as a one-stop source for quick, sim...

Continue Reading...

Vulnerability Scanning Requirements for Containers

The Federal Risk and Authorization Management Program (FedRAMP) is pleased to announce the releas...

Continue Reading...

The New FedRAMP.gov

FedRAMP is excited to announce the launch of our revamped website. Thanks to feedback from our pa...

Continue Reading...

FedRAMP Explores a Threat-Based Methodology to ...

Feasibility Study: Agile Approach to Authorizations In 2017, the Office of American Innovation (...

Continue Reading...

CSPs Prioritized to Work with the JAB and Next ...

The following Cloud Service Providers (CSPs) have been selected to work with the Joint Authorizat...

Continue Reading...

FedRAMP Hosts a 3PAO Interact Week

Throughout the week of November 16, 2020, the FedRAMP PMO held a virtual, 3PAO Interact, to bring...

Continue Reading...

FedRAMP’s NIST Rev5 Transition Plan

FedRAMP uses the National Institute of Standards and Technology’s (NIST) guidelines and procedure...

Continue Reading...

CSPs Prioritized to Work with the JAB and Next ...

The following Cloud Service Providers (CSPs) have been selected to work with the Joint Authorizat...

Continue Reading...

FedRAMP Reaches 200 Authorizations

FedRAMP is excited to announce that we just reached a huge milestone: 200 FedRAMP Authorized Clou...

Continue Reading...

Updated 3PAO Obligations and Performance Standa...

FedRAMP recently updated the 3PAO Obligations and Performance Standards document to provide addit...

Continue Reading...

Additional FedRAMP OSCAL Resources and Templates

In June 2020, FedRAMP announced the release of OSCAL resources and templates on GitHub for CSPs, ...

Continue Reading...

Requesting Public Comment on Vulnerability Scan...

Technology changes rapidly and Cloud Service Providers (CSPs) continue to evolve in order to impr...

Continue Reading...

Updated Customer Implementation Summary (CIS) a...

In response to Agency and CSP feedback, FedRAMP updated the Customer Implementation Summary/Custo...

Continue Reading...

Please Take the FY20 FedRAMP Annual Survey!

FedRAMP is seeking your feedback in the FedRAMP Annual Survey. FedRAMP is constantly looking for ...

Continue Reading...

An Update to FedRAMP’s High Baseline SA-9(5) Co...

The Federal Risk and Authorization Management Program (FedRAMP) provides standardized security re...

Continue Reading...

FedRAMP Announces Document and Template Updates

FedRAMP released updates to the System Security Plan (SSP) Attachment 12 template, the FedRAMP Ma...

Continue Reading...

FedRAMP Announces Agency Liaison Program

The FedRAMP PMO recently kicked off a new initiative, the Agency Liaison Program, which is design...

Continue Reading...

Using the FedRAMP OSCAL Resources and Templates

The FedRAMP PMO, in collaboration with NIST, is working to digitize the authorization package thr...

Continue Reading...

7

May

Do Once, Use Many - How Agencies Can Reuse a Fe...

One of FedRAMP’s core value propositions is facilitating government-wide reuse of security packag...

Continue Reading...

JAB Prioritized CSPs and FedRAMP Connect Updates

The following Cloud Service Providers (CSPs) have been selected to work with the Joint Authorizat...

Continue Reading...

FedRAMP Lessons Learned for Small Businesses

The FedRAMP PMO is committed to helping small businesses and startups navigate the FedRAMP author...

Continue Reading...

FedRAMP Looks Back on a Successful FY2019

Fiscal Year 2019 was a year of achievement and progress for FedRAMP. Thank you for your collabora...

Continue Reading...

FedRAMP Moves to Automate the Authorization Pro...

FedRAMP is excited to announce that the program has reached an important automation milestone. Fe...

Continue Reading...

Seeking Public Comments on the Draft Customer I...

In response to Agency and CSP feedback, FedRAMP updated the Customer Implementation Summary/Custo...

Continue Reading...

A Successful FedRAMP Startup & Small Business M...

On September 25, 2019 the FedRAMP PMO had its first Small Business/Start-Up Meetup in San Francis...

Continue Reading...

FedRAMP Connect Results and Next Round of Conne...

Congratulations to the following Cloud Service Providers (CSPs) selected to work with the Joint A...

Continue Reading...

FedRAMP Heads to San Francisco to Host Small Bu...

Are you a small business or startup interested in learning more about FedRAMP? The FedRAMP PMO is...

Continue Reading...

Please Take the FY19 FedRAMP Annual Survey!

The FedRAMP PMO is seeking your feedback and released the FedRAMP Annual Survey. If you’ve intera...

Continue Reading...

FedRAMP Launches Ideation Challenge

Do you have bold, innovative, and actionable ideas that can help transform the way agencies secur...

Continue Reading...

FedRAMP Marketplace Guidance Released

We receive thousands of questions through info@fedramp.gov, and one of the most popular topics is...

Continue Reading...

Get to Know FedRAMP's Program Manager of Securi...

As part of our spotlight series on the members of the FedRAMP PMO team, we wanted to introduce Jo...

Continue Reading...

8

May

Meet FedRAMP's Customer Success Manager

The FedRAMP PMO wants to give our readers a glimpse into the human side of the FedRAMP program by...

Continue Reading...

1

May

Best Practices for Multi-Agency Continuous Moni...

Both Cloud Service Providers (CSPs) and Federal Agencies play a role in Continuous Monitoring. Fe...

Continue Reading...

Reviewing the SAR - Best Practices for 3PAOs, A...

Cloud Service Providers (CSPs) pursuing a Low, Moderate, or High FedRAMP authorization are requir...

Continue Reading...

FedRAMP Updates 3PAO Requirements

Third Party Assessment Organizations (3PAOs) play a critical role within the Federal Risk and A...

Continue Reading...

Annual Assessment Guidance

The FedRAMP PMO recently encountered a question from a Cloud Service Provider (CSP) as to whether...

Continue Reading...

Impact of FedRAMP for Small Businesses

Did you know that over 30% of FedRAMP Cloud Service Providers (CSPs) are small businesses?* When ...

Continue Reading...

Understanding Baselines and Impact Levels in Fe...

The FedRAMP PMO fields a number of questions about impact levels and the security categorization ...

Continue Reading...