Qualys Cloud Platform achieves FedRAMP compliance

Qualys, a provider of cloud-based security and compliance solutions, announced it has achieved Federal Risk and Authorized Management Program (FedRAMP) compliance via a cloud service provider (CSP) supplied package for Qualys Cloud Platform (QCP). This certification follows a rigorous, third-party review process that results in a ready-made set of complete documentation and testing for use by any federal civilian, military and intelligence agency to rapidly decrease the time needed for approval and deployment of Qualys’ continuous security and compliance cloud solutions.

“FedRAMP provides a critically important service by enabling the United States government to accelerate its adoption of cloud technologies,” stated Philippe Courtot, chairman and CEO, Qualys. “Having surpassed the quality and security standards set forth by FedRAMP, Qualys is now prepared to do its part to facilitate agency compliance with the government’s Cloud First initiative, with full confidence that their IT systems will be secure.”

Qualys’ FedRAMP compliance now allows federal agencies to more easily deploy the Qualys Cloud Platform and gain a global view of their networks and endpoints, plus enable complete security and control over all of their IT assets. Federal civilian, military and intelligence agencies can now leverage the certification to reduce the time needed to gain approvals and adopt all Qualys cloud security and compliance solutions.

The certification also allows system integrators and cloud providers to more easily integrate Qualys with other FedRAMP certified Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) CSPs to deliver cloud-based solutions designed to be FedRAMP compliant.

The U.S. Government created FedRAMP in order to more easily incorporate cloud services into federal IT infrastructure. The program provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. Once a CSP’s system package has achieved FedRAMP compliance, it can be leveraged by any government agency. This provides numerous benefits to government agencies, such as enhanced transparency between government and CSPs, cost and time savings, real-time security visibility, automation and increased confidence in security and risk management.

In addition to having successfully completed a technical review and approval process, Qualys is currently working with a sponsor to attain its FedRAMP Authority to Operate (ATO) certification, and will continue to undergo periodic additional assessments by third-party assessment organizations (3PAO's) in order to uphold the highest possible standards and maintain FedRAMP compliance certification.