Skip to main content

Focus on FedRAMP

FedRAMP Launches New Training Platform

We couldn’t be more excited to launch our new FedRAMP Training Platform! This platform provides a comprehensive overview of our training curriculum, a quality user experience, and enhanced capabilities and functionality. To register for the FedRAMP Training Series Curriculum: Follow this link: https://meet.gsa.gov/fedramp_training/event/registration.html Fill out the user information to set up an account (password length must be between 16 and...

Read More

FedRAMP’s Getting Busy in June - Get Involved!

June is a busy month for the FedRAMP Program! We’ve got a variety of exciting program developments and events on the horizon that we wanted to update you on. New FedRAMP Training Platform and 300-Level Course: We’re excited to announce the upcoming launch of our new FedRAMP Training Platform, which will provide a cohesive view of the FedRAMP curriculum and...

Read More

Please Take the FedRAMP Annual Survey!

We want to find out how we’re doing! The FedRAMP Annual Survey is now live. If you’ve interacted with the program at any point in the last year, we would be grateful if you could take a few minutes to respond to the survey by June 15th. The questions cover how you engage with FedRAMP and your overall experiences. We...

Read More

FedRAMP Authorization Boundary Guidance Released

Over the past year, the FedRAMP PMO has recognized that it is difficult for Cloud Service Providers (CSPs) to frame their cloud service offerings from a FISMA perspective, especially as cloud services become more complex and the use of external services to augment systems continues to increase. As a core component of any FedRAMP System Security Plan (SSP), it is...

Read More

Penetration Testing for All FedRAMP Moderate and High Systems

Penetration testing is a well-recognized way to explore IT system weaknesses. FedRAMP requires penetration testing as part of the initial authorization assessment for all systems pursuing a Moderate or High FedRAMP authorization, as well as for every annual assessment. Vulnerability scanning alone is not sufficient for determining the degree to which a system is susceptible to cyber attack. Penetration testing...

Read More

Page 2 of 19