Security Compass, a software security company that provides organizations with technology to make software secure, has introduced feature enhancements to SD Elements that enable cloud service providers (CSPs) to set up and develop their Federal Risk and Authorization Management Program (FedRAMP) continuous compliance initiatives in a coherent and structured way.
Available now, SD Elements customers will automatically receive FedRAMP reporting capabilities supported by new FedRAMP content in the knowledgebase, and SD Elements tasks with additional control requirements.
“Our customers are building innovative, highly effective technology and we are proud to provide the tools to meet FedRAMP compliance standards,” said Rohit Sethi, CEO of Security Compass.
“Just as you can integrate security into DevOps so that it is not a burden after development, our customers can start ATO certification earlier in the development process, so that it doesn’t present challenges at the end.”
To work with federal organizations, CSPs need to obtain FedRAMP authorization, or Authorization to Operate (ATO). In order to achieve ATO, CSPs must continuously monitor their controls and provide the required data regarding the status of controls to the authorizing agency.
With the goal of supporting companies involved in building software for the U.S. Federal Government, SD Elements provides powerful tools and guidelines to develop those initiatives and streamline activities, as well as context on how to implement FedRAMP controls based on project parameters.
SD Elements is a policy-to-execution platform that helps companies manage the ATO process by supporting all three ATO pathways. It automates ATO requirement generation by automatically identifying applicable items and translating ATO control objectives into actionable or prescriptive tasks for engineers.
SD Elements promotes DevSecOps by embedding security as early as the requirements phase thereby allowing development teams to adhere to the continuous ATO model for faster and more efficient ATO acquisition.
SD Elements reflects Security Compass’ commitment to leading the industry towards more standardized approaches to security assessments and continuous monitoring for cloud products and services. By automating the mapping of all applicable security controls, Security Compass is accelerating an organization’s path towards achieving ATO.