There’s recently been a push within FedRAMP towards modernizing the framework to meet modern security challenges and better align federal security standards across agencies and technologies. 

Part of this push is standardizing how security controls are measured and assessed, and the most recent blog from FedRAMP mentions a new standard–OSCAL. 

Here, we will discuss OSCAL, why the National Institute of Standards and Technology (NIST) is creating it to address assessments, and how we streamline them. 

Read More

The latest FedRAMP draft memo from the OMB shakes up quite a bit about the program. While nothing is set in stone, much ink is spilled on what it will mean for the program and participating cloud service providers. 

In this article, we will discuss what this new memo says about automation–specifically, how the program will start approaching automation to ensure compliance within its ecosystem of providers.  

Read More

The FedRAMP OMB has recently released a memorandum on modernizing the standard to address new realities in digital technology.  This shift reflects the increasing reliance on Software-as-a-Service (SaaS) and the strategic roles of Managed Service Providers (MSPs) in the federal, as well as the impact of new technologies like artificial intelligence.

This article aims to summarize some of these pivotal updates to FedRAMP, unraveling their implications for service providers navigating the nuanced federal marketplace. 

Read More