The Federal Risk and Authorization Management Program received in January its role in the implementation of a zero trust approach to cybersecurity across the federal government.
Citing an Office of Management and Budget strategy document, FedRAMP said Wednesday it will work to ensure that federal agencies can authorize vulnerability testing on commercial cloud applications and infrastructure hosted on contractors’ platforms.
Such authorization would help agencies in identifying and remediating application vulnerabilities by themselves and asking the general public to find weaknesses in their cloud technologies.
Under the federal strategy on zero trust, government organizations must migrate to a cloud-based infrastructure in which systems, users and devices will be verified every time they attempt to access information to detect cyber attacks.