The Federal Risk and Authorization Management Program has listed some actions it requires CSPs, or cloud service providers, to perform in response to an emergency directive released by the Cybersecurity and Infrastructure
MoreA study conducted by the Government Accountability Office found that some federal agencies have been using cloud services that were not covered by the Office of Management and Budget’s Federal Risk and
More by Jamie Bennet
The Department of Defense has released a memorandum providing guidance on how the Federal Risk and Authorization Management Program Moderate equivalency applies to cloud service offerings that are used for processing, transmitting
More by Jane Edwards
The Cybersecurity and Infrastructure Security Agency’s Cyber Safety Review Board will conduct a study on private and public sector approaches to protecting cloud-based identity management and authentication. The review marks the third
More by Jamie Bennet
The Cybersecurity and Infrastructure Security Agency has released the Free Tools for Cloud Environments factsheet to provide network defenders and incident response analysts with open-source tools, techniques and guidance to help them
MoreThe Federal Risk and Authorization Management Program has debuted the upgraded version of its searchable database of cloud products and services approved for use across the federal government. The upgraded FedRAMP Marketplace
More by Naomi Cooper
The Federal Risk and Authorization Management Program has recommended that cloud service providers review the Cybersecurity and Infrastructure Security Agency’s latest binding operational directive to mitigate risks from misconfigured management interfaces. BOD
More by Naomi Cooper
Randy Resnick, director of the Department of Defense’s Zero Trust Portfolio Management Office, said starting this spring, National Security Agency red-team hackers will test zero trust security by launching attacks on systems
More by Jane Edwards
The Federal Risk and Authorization Management Program has laid out requirements for cloud service providers and third-party assessment organizations with regard to completing annual assessments. FedRAMP said Wednesday it requires CSPs to
MoreThe Federal Risk and Authorization Management Program has released updated two-volume guidance aimed at helping cloud service providers understand the process of certification from the cybersecurity risk management program. Volume 1 of
More