Vulnerability Scanning for PCI and FedRAMP

Are you trying to obtain FedRAMP Authority to Operate? Understand both approaches to the program and each of their pros and cons to learn which one would suit your organization best.

Before you engage a FedRAMP 3PAO like Schellman to assess you, you'll need the services of a consultant. Read how these advisors can help you & what to ask them to ensure you get the best one for you.

Want to get FedRAMP Ready but aren’t sure how it works? Learn about the 4 phases to the process that will lead you to that formal Ready designation on the FedRAMP Marketplace.

Not sure how the NIST 800 Series can help you? We break down 3 of the more well-known publications from the series to help you understand which one suits you.

Should your organization get FedRAMP Ready? We break down what this assessment is and how it can help you, as well as the benefits and drawbacks to pursuing this route.

For CSPs looking to better understand FedRAMP security requirements for containers, Schellman Manager Matt Hungate provides an overview

Schellman's Debbie Zaller provides an overview of the HHS issued HITECH Act amendment

Schellman's Matt Hungate looks at significant changes to NIST SP 800-53, Revision 5

Schellman's Grayson Taylor shares an overview of the new mapping of NERC CIP Reliability Standards to NIST Cybersecurity Framework CSF

Every industry has been forced to scale processes and adapt business models to maintain their foothold in a landscape thrown off by COVID19. At Schellman our FedRAMP 3PAO assessment process was ready.

What are the common reasons CSPs fail to achieve a FedRAMP Authority to Operate ATO in a timely manner?

US DoD has been working to revise funding procurement procedures DFARS. Most important are regulations which mandate that defense contractors meet NIST SP 800-171 standard that deals with CUI.

Schellman has performed a third of FedRAMP assessed systems and is the #2 3PAO provider.

On Wednesday July 17th, I had the distinct honor of providing the assessor perspective at a FedRAMP hearing held by the Subcommittee on Government Operations—a subset of the House Oversight Committee.