May 17, 2022

SpywareNews.com

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

FedRAMP and Its Applicability to ISVs Hosted on FedRAMP-Authorized IaaS

FedRAMP and Its Applicability to ISVs Hosted on FedRAMP-Authorized IaaS

Independent Software Vendors (ISVs) often ask Coalfire about the FedRAMP compliance framework and how it applies to them. They hear that all software procured by the U.S. federal government must be FedRAMP authorized, and they come to the experts to help them navigate the process. The good news is that the FedRAMP program is not directly applicable to most ISVs. An ISV cannot get their native product listed in the FedRAMP marketplace because it is a “software,” not a “service,” and the FedRAMP program was designed for Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) providers that provide multi-tenant cloud solutions to the U.S. federal government.