FedRAMP - It's not Just for Government

The Federal Risk and Authorization Management Program (FedRAMP) was created to provide a common risk management framework for applications built using cloud services. But FedRAMP is not only required for government agencies. If your cloud-based SaaS application is intended for US Government use, you probably need a FedRAMP Authorization to Operate (ATO).

Getting Started with FedRAMP on AWS

ScaleSec offers a two and a half day course, building on the AWS Security Fundamentals. This course:

  • Introduces FedRAMP concepts and the requirements for authorization
  • Proposes a program structure and team composition for companies in pursuit of a FedRAMP authorization
  • Reveals common misnomers, pitfalls, and missteps for those new to government compliance programs
  • Demonstrates how AWS deployments in GovCloud and commercial regions can be secured in accordance with FedRAMP requirements
  • Discusses how the AWS Shared Responsibility Model relates to FedRAMP compliance
  • Discusses how AWS security services can satisfy control family requirements
  • Discusses how AWS Marketplace security solutions can satisfy control family requirements


  • Identify the importance and security benefits of using the AWS cloud
  • Discuss the AWS shared security responsibility model, and how that supports FedRAMP compliance requirements
  • Describe the data protection, access control, and access management features of AWS services and how they relate to the AU, AC, IA and SC control families
  • Describe the network protection features of AWS and how they relate to the SC, SI, and AC control families
  • Describe the audit and logging features of AWS and how they relate to the AU and IR families
  • Discuss third party tools available on the AWS Marketplace that can be used to meet compliance requirements


After completing this course, students will have:

  • An understanding of Advanced AWS Security services and how they can be implemented to meet security controls
  • An understanding of applicable third party security offerings
  • Knowledge of commercial and open source solutions to meet difficult FedRAMP controls
  • Up to 20 Continuing education credits for professional certification organizations

About ScaleSec

ScaleSec helps your company create or enhance your cloud security capabilities by diving deep, offering hands-on services.
Read More »

Get Engaged

Get in Touch