Ermetic, the cloud infrastructure security company, today announced that it has initiated the process to achieve Authority to Operate (ATO) status under the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
The company also announced the appointment of Ben McGucken as regional vice president of sales for US Federal and Latin America, who will lead the company’s FedRAMP certification. In addition, the Ermetic cloud security platform now supports AWS GovCloud (US) and Azure for US Government – which are designed to address specific regulatory and compliance requirements of US government agencies at the federal, state, and local level that run sensitive workloads in the cloud.
The company has engaged stackArmor, Inc, a leading provider of FedRAMP engineering and advisory services, to guide Ermetic through the FedRAMP ATO process. stackArmor and its team of experts have over a decade of experience assisting cloud service providers to ensure their solutions meet compliance standards including FISMA, FedRAMP and NIST.
“We are pleased to partner with Ermetic on their FedRAMP journey toward an ATO, stackAmor's ThreatAlert is an integrated suite of security and compliance services deployed within the accreditation boundary. This also includes continuous monitoring designed to help companies like Ermetic reduce the level of effort and costs while accelerating the FedRAMP process.”
-Martin Rieger, Chief Solutions Officer for stackArmor.
Federal, state and local governments are using the cloud to provide better services for constituents, but need to address security risks, especially those associated with preventing breaches, detecting issues rapidly, and protecting personal information, said Shai Morag, CEO of Ermetic. Ermetic is embarking on the FedRAMP process to provide every level of government with a comprehensive solution for cloud native application protection.
Ben McGucken joined Ermetic from data security vendor BitGlass where he was AVP of Sales for South and Latin America. He has also served in senior sales roles with ExtraHop, Palo Alto Networks and Layer 3 Communications.
“Ermetic already supports AWS GovCloud and Azure for Government for customers that want to conduct proof of concept evaluations, As we move through the FedRAMP authorization process, government agencies can feel confident that the Ermetic platform is designed to meet the regulatory and compliance requirements they must comply with for cloud workloads.”
-Ben McGucken regional vice president of sales for US Federal and Latin America.
Ermetic helps prevent breaches by reducing the attack surface of cloud infrastructure and enforcing least privilege at scale in the most complex environments. The Ermetic SaaS platform provides comprehensive cloud security for AWS, Azure and GCP that spans both cloud infrastructure entitlements management (CIEM) and cloud security posture management (CSPM). The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra and Target Global.