Federal Assessments

While many 3PAOs are historical government contractors and consultants, Schellman provides only independent assessment services to cloud providers.

  • NIST CSF 2018

    NIST CSF 2018

    The 2018 National Institute of Standards and Technology (NIST) Cyber Security Framework is an updated version of the first version published in 2014. Notably, the two versions of the...

    Read Article
  • CrowdStrike FedRAMP Case Study46:40

    CrowdStrike FedRAMP Case Study

    Watch Video
  • FedRAMP: Three Stages of Vulnerability Scanning and their Pitfalls

    FedRAMP: Three Stages of Vulnerability Scanning and their Pitfalls

    Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate...

    Read Article
  • NIST Special Publication 800-171

    NIST Special Publication 800-171

    Government security breaches seem to hit the news every other month—keep an eye on your investments—including potential breaches caused by contractors. What may be a surprise is the...

    Read Article
  • Clarifying the FedRAMP Penetration Test Requirements

    Clarifying the FedRAMP Penetration Test Requirements

    As a Third Party Assessment Organization (3PAO), Schellman regularly conducts FedRAMP assessments for Cloud Service Providers (CSPs). Included during these assessments is a penetration...

    Read Article
  • Could updated controls from NIST drive up cloud security costs?

    Could updated controls from NIST drive up cloud security costs?

    Among the biggest complaints about the cloud security program known as the Federal Risk Authorization Management Program (FedRAMP) have been the cost for vendors and the time it takes...

    Read Article
  • Understanding FedRAMP

    Understanding FedRAMP

    Read Flipbook
  • FedRAMP

    FedRAMP

    Read Flipbook
  • Match on: FedRAMP vs. ISO 27001

    Match on: FedRAMP vs. ISO 27001

    Over the last few years, there has been a push to obtain cloud computing solutions at almost every turn.  A plethora of companies continue to provide cloud services to their existing...

    Read Article
  • Work with Federal Agencies? What You Should Know About FedRAMP51:50

    Work with Federal Agencies? What You Should Know About FedRAMP

    Watch Video
  • FedRAMP – 5 Things CSPs Should Already Know

    FedRAMP – 5 Things CSPs Should Already Know

    I am delighted that Schellman is now an accredited FedRAMP 3rd Party Assessment Organization (3PAO). This is a testament to our extensive experience in the cloud service provider (CSP) space and...

    Read Article
  • Prepping for FedRAMP – 5 Things CSPs to Note

    Prepping for FedRAMP – 5 Things CSPs to Note

    Originally published on www.fedrampfastforward.com BrightLine works with many cloud service providers (CSPs) which have built successful business by providing services to the private sector. With...

    Read Article
  • Navigating the Federal Compliance Space - FedRAMP vs FISMA

    Navigating the Federal Compliance Space - FedRAMP vs FISMA

    Even if you aren’t selling to a government agency, it’s important to understand government regulations. The government is the largest single creator, collector, consumer and circulator...

    Read Article
  • Database Security and FedRAMP

    Database Security and FedRAMP

    Many cloud service providers (CSPs) are not fully addressing the database scanning requirements for FedRAMP and have questions related to database security and FedRAMP.  This article details the...

    Read Article
  • FedRAMP and PCI – A Comparison of Scanning and Penetration Testing Requirements

    FedRAMP and PCI – A Comparison of Scanning and Penetration Testing Requirements

     Overview In the last 30 days, the FedRAMP Program Management Office (PMO) has published guidance for both vulnerability scanning and penetration testing. The updated guidance comes on the heels...

    Read Article
  • FedRAMP & Cloud Brokering – Changing How the DoD Does Business

    FedRAMP & Cloud Brokering – Changing How the DoD Does Business

    Via: FCW.com The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessments, authorizations, and...

    Read Article
  • 10 steps toward FedRAMP compliance

    10 steps toward FedRAMP compliance

    Via: fcw.com

    Read Article
  • How Does Amazon’s FedRAMP Authorization Affect Cloud Providers?

    How Does Amazon’s FedRAMP Authorization Affect Cloud Providers?

    Originally published at: Northern Virginia ISSA

    Read Article
  • Does SSAE 16 Certified = FISMA Certified?

    Does SSAE 16 Certified = FISMA Certified?

    Introduction

    Read Article
  • loading
    Loading More...