From time to time, new directives and requirements come up in the federal space that has ripple effects throughout the cybersecurity landscape. Recently, FedRAMP raised a note that a new Binding Operational Directive has shifted some requirements for agencies and contractors. While this doesn’t seem to directly impact the program, it is significant enough for the FedRAMP website to note for the future. 

Here, we’ll discuss Binding Operational Directive 23-02 and what it means for government agencies and their partners. 

Read More

In the era of digitization, the security of cloud services, particularly those engaged with federal agencies, is paramount. The government uses the Federal Risk and Authorization Management Program (FedRAMP)–to ensure cloud services meet stringent security standards to protect federal data. 

This article will dig into the intricacies of the FedRAMP High Impact Level and its relevance for different organizations. Whether you are a federal agency, a CSP, or a government contractor, understanding the FedRAMP High Impact Level is crucial to navigating the evolving landscape of cloud security.

Read More

Penetration tests sometimes seem like an extreme measure that ultra-secure companies take to fend off the most formidable threats. However, any company wanting to get serious about cybersecurity and compliance will sometimes run against the practice. This is similar to when working with the federal government. Here, we’ll discuss FedRAMP and penetration testing requirements.

Read More