H1. Secure Cloud Automation: A New Approach to FedRAMP Certification
Thursday, June 6, 2019
3:15 PM - 4:15 PM
Participation in the FedRAMP Program, introduced in 2010 to accelerate Federal agency adoption of Cloud Services and reduce costs and time to use for agencies, has been expensive and time-consuming for SaaS providers. The typical 1-3 year development cycle for new provider participation may be shortened by 50% or more using a new technique recently pioneered by Coalfire, Amazon Web Services (AWS) and other cybersecurity contributors. The ATO program at AWS, based upon this jointly developed Security Automation Orchestration (SAO), has been made into a Coalfire methodology called Secure Cloud Automation Services (SCAS) via SAO. Our presentation will introduce SCAS via a real-world case study.
After completing this session, the learner will:
- Understand the Objectives and Timelines of the FedRAMP Program process for deploying their application securely at an approved Cloud Service Provider
- Have an overview of the SCAS (Secure Cloud Automation Services via AWS SAO) process, as used in an AWS scenario, sufficient to contemplate using this approach
- Be able to comprehend the “gap analysis” and the technical translation process for applications and services that they may intend to use on their offerings for FedRAMP or other regulatory compliance targets
Chris Krueger is Principal for the Security Architecture group within Coalfire Cyber Engineering. He leads team development, service delivery and new practice creation for professional services. His team specializes in InfoSec on cloud and virtualized datacenters and conventional infrastructure.

Prior to joining Coalfire, he was a founder and managing partner of an IT consulting firm.