Trustwave has attained authorized status by the Federal Risk and Authorization Management Program (FedRAMP) for its Government Fusion platform. This announcement follows Trustwave being named last year as an official StateRAMP-authorized vendor.
These achievements cap a multi-year journey through the FedRAMP process and make Trustwave the only pure-play Managed Detection and Response (MDR) provider recognized by FedRAMP.
“Federal and state agencies, the Defense Industrial Base, contractors to government, and highly-regulated organizations increasingly depend on trusted technology partners to fortify their cybersecurity defenses, and we are proud to deliver a solution that not only meets but often exceeds their stringent security requirements”, said Trustwave Government Solutions President Bill Rucker. “As the first and only pure-play MDR provider to achieve this milestone, with government agency authorization to operate and a 100 percent US Only persons cleared security operations team working around the clock, we offer unparalleled expertise and an uncompromising level of security. This commitment ensures government agencies and the enterprise organizations that support them can operate with the highest level of confidence and peace of mind, knowing their mission-critical assets are fully protected 24/7/365.
“No other pure-play MDR provider has made the same degree of long-term investment as Trustwave in achieving these capabilities, including physically separated instances, 24/7/365 vulnerability scanning, and continual POAM-based proactive execution,” Rucker continued.
Available on the FedRAMP and StateRAMP marketplaces, Trustwave Government Fusion is the platform used for Trustwave's MDR and Co-Managed SIEM/SOC services designed for Federal and State agencies and any clients who require US-only based personnel in a government community cloud environment. In addition, all Trustwave managed security services platforms meet the same stringent standards as Government Fusion, giving clients the flexibility to choose between FedRAMP or non-FedRAMP deployments with the same level of confidence.
FedRAMP is the US government entity charged with standardizing security and risk assessment for cloud services accessed by federal government agencies, while StateRAMP is a non-profit organization that establishes security standards for cloud service providers who want to work with state and local governments. Trustwave's FedRAMP and StateRAMP authorization process was under the sponsorship of the Federal Energy Regulatory Commission (FERC). This means Trustwave has met the Department of Defense's "US eyes only" requirement for the Defense Industrial Base (DIB) and Cybersecurity Maturity Model Certification (CMMC). Trustwave is also a CMMC Accreditation Body-authorized Registered Provider Organization.
Other unique capabilities that Trustwave offers both government and enterprise clients requiring FedRAMP include:
- SOC and MDR capabilities replicated and operated in AWS GovCloud.
- The Trustwave Government SOC team operates in GCC High for managing/monitoring Microsoft GCC High MDR and SIEM environments.
- Superior Facility Clearance Rating by DCSA.
Gaining FedRAMP status follows Trustwave being named as a Major Player in the inaugural IDC MarketScape: U.S. National Government Professional Security Services 2024 Vendor Assessment with the analyst firm citing Trustwave as the first company to receive the FedRAMP In Process Program Management Office (PMO) Review designation, at the time, for a pure-play MDR offering. This accolade was in addition to Trustwave being ranked a leader in co-managed SOC (security operations center) and co-managed SIEM analyst reports.
Where to Find Trustwave on FedRAMP
Trustwave Government Fusion is available on the FedRAMP Marketplace. It is the platform used for Trustwave's MDR and Co-Managed SIEM/SOC services and is specifically designed for Federal agencies and clients who require US-based personnel in a government community cloud environment.
Trustwave's MDR and SIEM solutions offer 24x7 real-time monitoring, threat detection, threat hunting, intelligence, remediation capabilities, and SOAR functionality seamlessly integrated with a client's existing security technologies. The platform ensures scalability and straightforward onboarding, making it an ideal choice for clients seeking augmentation or Managed SOC services at a significantly lower cost compared to traditional on-premises SOC solutions.
What is FedRAMP?
FedRAMP was established in 2011 to provide a cost-effective, risk-based approach for the federal government's adoption and use of cloud services. FedRAMP empowers agencies to use modern cloud technologies, emphasizing the security and protection of federal information.
FedRAMP's goal is to grow the use of secure cloud technologies by government agencies, enhance the framework by which the government secures and authorizes cloud technologies, and build and foster strong partnerships with FedRAMP stakeholders.
FedRAMP allows the federal government to:
- Reduce duplicative efforts, inconsistencies, and cost inefficiencies.
- Establish a public-private partnership to promote innovation and the advancement of more secure information technologies.
- Enable the federal government to accelerate the adoption of cloud computing by creating transparent standards and processes for security authorizations, allowing agencies to leverage security authorizations on a government-wide scale.
