PR Newswire | July 03, 2023
Cybersecurity pioneer Coalfire, IT solutions provider Carahsoft Technology Corp., and Google Public Sector have entered into a partnership to accelerate FedRAMP Authority to Operate (ATO) certification and public sector opportunities for customers deployed on Google Cloud. Coalfire's FedRAMP expertise and offerings will be bundled and delivered to Google Cloud's state, federal, and institutional clients by Carahsoft, one of the public sector's largest solution providers, and its ecosystem of reseller partners and systems integrators.
"With the Federal Risk and Authorization Management Program now the law of the land, achieving FedRAMP certification has quickly evolved from cost burden to exponential business opportunity," said Troy Bertram, managing director of Google Cloud's Public Sector Partner Ecosystem. "Whether or not our clients are selling into government markets or looking ahead to renewing contracts, Coalfire's disruptive services portfolio and ability to provide enterprise SaaS companies with FedRAMP advisory and assessment services that accelerate time to market is a mission-critical differentiator for government contractors."
The collaboration enables Google Public Sector and Carahsoft clients to accelerate their digital transformation and enter new federal markets through Coalfire's FedRAMP advisory services. These offerings allow customers to quickly and cost-effectively understand gaps and build required architectures and documentation to achieve FedRAMP authorization, reducing the historically exorbitant financial barriers to entry that FedRAMP was known for. Once clients achieve ATO, they are positioned to sell across multiple agencies (not just one), and with the Coalfire/Google Public Sector/Carahsoft solution, clients retain ownership of all technology deliverables.
"The FedRAMP roadmap leads to a threat-informed approach to risk management, and the FedRAMP Authorization Act passed in December of last year opens new opportunities for companies to test once and certify many times with reciprocity among agencies," said Carahsoft President Craig P. Abod. "From gap and desired architecture analysis to audit-ready, this partnership with Coalfire enables Carahsoft technology partners operating in Google Cloud to confidently accredit and deploy FedRAMP-compliant environments within an accelerated timeline. Carahsoft and its ecosystem of partners are excited for the opportunity to offer public sector customers a greater variety of FedRAMP-certified solutions deployed on Google Cloud to achieve their mission goals."
"Bringing disruptive and cost-effective FedRAMP services to companies on or considering Google Cloud through channel leader Carahsoft now enables customers to accelerate or expand their sales opportunities with the federal government," said Coalfire CEO Tom McAndrew. "As a FedRAMP pioneer, we have a 100% pass rate on FedRAMP environments we've built. This partnership enables a faster, more cost-effective path for companies considering FedRAMP."
Coalfire has a well-established relationship with Carahsoft and a long history of serving as the trusted FedRAMP auditor and assessment body for Google Cloud. "Whether required or not, FedRAMP is a business opportunity, and every cloud services and SaaS provider should have a FedRAMP strategy," said Jeff Rector, head of worldwide channels and partnerships at Coalfire. "We're excited to take this next step with Google Public Sector and Carahsoft as we work together to help our customers manage and monetize the FedRAMP opportunity."
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com
The world's leading organizations – including the top five cloud service providers and leaders in financial services, healthcare, and retail – trust Coalfire to elevate their cyber programs and secure the future of their business. Number one in compliance, FedRAMP®, and cloud penetration testing, Coalfire is the world's largest firm dedicated to cybersecurity services, providing unparalleled technology-enabled professional and managed services. To learn more, visit Coalfire.com.
Emerging Technology, Cybersecurity
PR Newswire | August 18, 2023
Axiad, a leading provider of organization-wide passwordless orchestration, today announced a new Unified Credential Management System (UCMS) package calledPasswordless for Air Gapped and Critical Environmentsto meet the phishing-resistant requirements of The White House Executive Order (EO) 14028. This package brings passwordless authentication and end user self-service capabilities to air gapped and critical infrastructure environments that integrate Microsoft Security solutions. Overall, the package helps government agencies as well as critical infrastructure and defense industrial base (DIB) organizations maximize security and end-user acceptance and minimize security overhead.
In the United States, critical infrastructure systems continue to be a top target for cybercriminals. In fact,Microsoft reportedthat critical infrastructure cyberattacks doubled in 2022 from 20% to 40% of nation-state-sponsored attacks. Because of this, the U.S. government, via EO 14028 on improving the nation's cybersecurity, has mandated security measures, including strong passwordless multi-factor authentication (MFA), for government agencies and is strongly recommending the use of this technology for critical infrastructure.
In response to this growing need, Axiad's Passwordless for Air Gapped and Critical Environments provides a seamless way for organizations to integrate government-grade, phishing-resistant passwordless authentication as well as key functional and operational support into on-premises air gapped environments.
The new package provides full interoperation with a range of Microsoft products – including Microsoft Active Directory Federation Services and Microsoft Certificate Authority – to ensure authentication is highly secure and consistent and customers get maximum value out of their existing environments. Additionally, it provides credential management and self-service credential enrollment and account recovery (CEAR), which are critical capabilities due to the high costs or the complete lack of on-site IT support in air gapped environments.
"Organizations with air gapped and critical infrastructure environments need passwordless authentication and a range of physical and platform authenticators to help prevent cyber-attacks," said Jerome Becquart, chief operating officer at Axiad. "With this new package, Axiad is the first company to provide all these elements plus the critical missing ingredient – self-service authentication management, including enrollment and account recovery – and bring them to the on-premises Microsoft ecosystem."
Axiad's Passwordless for Air Gapped and Critical Environments provides the following unique capabilities:
Strong Authentication:The package provides government-grade FIPS 140 validated passwordless authentication with the flexibility needed to accommodate the full range of needs of employees, contractors, vendors and suppliers. For example, it offers a range of passwordless options, including both physical (YubiKeys, smart cards, PIV cards, USB keys, etc.) and platform (virtual smart cards).
Powerful Self-Service Capabilities:Axiad AirLock, which provides help desk automation by eliminating temporary passwords, provides self-service credential enrollment, and Axiad MyCircle provides self-service account recovery within a trusted circle of colleagues rather than waiting for the help desk to respond – both of which help to increase operational efficiencies for frontline workers and reduce IT costs.
Ready Implementation:The package's architecture is made to operate in air gapped environments and to seamlessly interoperate with existing authentication and infrastructure investments without requiring upgrades. This package fully leverages and extends the life of Microsoft authentication (e.g., Microsoft Active Directory) and infrastructure (e.g., Microsoft Windows Server) investments.
"Axiad's integration with Microsoft empowers critical infrastructure, government and defense industrial base to easily upgrade their existing Microsoft on-premises infrastructure to become passwordless," said Ehud Itshaki, principal product manager at Microsoft. "With phishing-resistant, passwordless authentication, they can enhance their security posture and comply with the recent EO mandating phishing-resistant MFA – all while getting more out of their existing Microsoft authentication and infrastructure investments."
Axiad delivers organization-wide passwordless orchestration to secure people, machines, and interactions for enterprise and public sector organizations that must optimize their cybersecurity posture while navigating underlying IT complexity. The company's flagship product, Axiad Cloud, is a comprehensive, secure and integrated authentication platform that allows customers to move to a passwordless future without the friction and risk of fragmented solutions. Axiad supports the widest range of credentials in the industry including FIDO, mobile MFA, Windows Hello for Business, YubiKeys, smart cards, TPM and biometrics, and is trusted by public sector organizations and Fortune 500 companies across aerospace & defense, financial services, insurance, healthcare, oil & energy and more.
For more information visitaxiad.comand follow us onTwitterandLinkedIn.
PR Newswire | August 08, 2023
Quzara LLC, a leading innovator in Managed Detection & Response (MDR) and Security Operations Center as a Service (SOCaaS), is thrilled to announce that its pioneering solution, Cybertorch™, has been selected by the GSA FedRAMP® PMO to pursue a Provisional Authority to Operate (P-ATO) from the Joint Authorization Board (JAB) at the High Impact Level. This milestone marks a significant advance in Quzara's unwavering commitment to providing state-of-the-art SOCaaS/MXDR solutions for both OT and IT to the government sector and their contractors.
Saif Rahman, CEO of Quzara, expressed his enthusiasm about the achievement: "Being selected for the FedRAMP JAB prioritization is a testament to our team's hard work and dedication. This represents a significant step forward in our mission to bring our high-standard, 24/7, US Citizen Security Operations to the government sector. I want to extend my sincere thanks to our devoted team and partners whose tireless efforts have made this accomplishment possible."
The importance of the FedRAMP JAB prioritization is substantial. This recognition places Quzara's Cybertorch™ in a position of enhanced trust and visibility within the federal government. Cybertorch™'s unique MDR approach, blending AI-driven insights with human expertise, ensures robust, around-the-clock security operations, all managed by US citizens has demonstrated government-wide demand as a Cloud Service Offering.
Moving into the FedRAMP JAB process is another exposition of Quzara's commitment to stringent security standards and reflects the company's broader dedication to fortifying information security in today's complex digital landscape.
As Quzara continues to evolve and expand its capabilities, its focus remains firm: to provide the most secure, compliant, and robust security solutions to its clients.
Quzara, LLC wishes to underline that this achievement does not imply government endorsement of the company, its products, or its services.
FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.
About Quzara LLC
Quzara LLC is a leader in Managed Detection & Response (MDR) and Security Operations Center as a Service (SOCaaS). Based in Reston, VA, Quzara is committed to providing top-tier security solutions to the government sector and their contractors for OT and IT. With its flagship solution, Cybertorch™, Quzara is setting new industry standards.