FedRAMP Introduction (G21a)
Cloud is becoming a dominant tool for various government agencies. Hence securing the cloud has become a paramount task. FedRamp is US standard for clouds. In spite of FedRamp enforcement, it still remains bit elusive in many people’s minds. Yet, this knowledge is a must for vendors, labs, developers etc. This workshop will cover the following topics:
– What is FedRamp?
– Basic concepts
– What is FedRamp High, Medium, Low?
– Legal, operational processes involved, and technical aspects
– Security Assessment Framework
– Security Controls
– 3PAOs
– CMVP & FedRamp
– FedRamp & Common Criteria
– An example case study