FedRAMP Marketplace

Your browser does not support JavaScript.

In order to view the full content of this site, please use a browser with JavaScript enabled. If you cannot, you may want to view the data driving this marketplace.

Skip to main content

About FedRAMP Marketplace

The FedRAMP Marketplace is a searchable and sortable database of CSOs that have achieved a FedRAMP designation, a list of federal agencies using FedRAMP Authorized CSOs, and FedRAMP recognized assessors/auditors (3PAOs) that can perform a FedRAMP assessment.

Learn more about Marketplace

Total FedRAMP Authorized Services

434

Latest on Marketplace

OrbusInfinity Federal

Now in Agency Review

DepotFinity

Now Authorized

RingMD Telemedicine

Now in Agency Review

553 total

CG-TTS - Cloud.Gov

FedRAMP Authorized

Mystic Message Archival

FedRAMP Authorized

LibreView for US Government

FedRAMP Authorized

Abnormal AI for Government

FedRAMP Authorized

Absolute Secure Endpoint Product Suite

FedRAMP Authorized

Absolute Secure Endpoint offers an agent-based endpoint resilience solution powered by Absolute Persistence®; a patented technology embedded in the firmware of over 600 million devices. This unique technology ensures an unbreakable connection between endpoints and the Absolute Secure Endpoint SaaS platform, serving as a trusted source of truth for device and application health. It automates self-healing for mission-critical applications and security controls while providing a robust lifeline for protecting at-risk devices and data. Organizations can locate, freeze, and wipe lost or stolen devices in accordance with NIST standards, enabling IT and security teams to enhance cyber resilience, strengthen security posture, and maintain compliance. Key Capabilities: The Absolute Secure Endpoint suite allows customers to remotely manage their endpoint devices through a Web UI (Customer Center (CC) Console) or Public APIs, delivering the following features: • Track Hardware: Monitor and manage device inventories. • Measure Device Usage: Analyze usage patterns to optimize resources. • Monitor Installed Software: Streamline compliance and software audits. • Assess Security Posture: Gain insights into endpoint security. • Monitor Critical Application Health: Ensure mission-critical applications run optimally. • Detect Unauthorized Device Movement: Prevent unauthorized access and data breaches. • Remotely Freeze Devices: Lock devices to prevent misuse. • Remotely Delete Data: Securely wipe sensitive information when necessary. • Enable Firmware Protection: Safeguard devices at the firmware level. • Make Critical Applications Self-Healing: Automatically restore essential applications. • Identify Sensitive Information on Devices: Detect and classify sensitive data. • Remotely Query & Remediate Devices at Scale: Address issues across large device populations. • Comply Module for Secure Endpoint: Strengthen endpoint compliance with advanced tools. Supported Use Cases: The suite addresses a wide range of operational and security challenges: • Device Lifecycle Management: Simplify provisioning, maintenance, and decommissioning of devices. • Automate Hardware Audits: Improve audit accuracy while reducing manual effort. • Automate Software Audits: Ensure software compliance across endpoints. • Improve Help Desk Efficiency: Speed up the resolution of device issues. • Find and Fix Vulnerabilities: Detect and remediate endpoint weaknesses. • Enforce Security Standards: Apply consistent security policies across the organization. • Detect Endpoint Risks: Monitor and respond to emerging threats. • Respond to Endpoint Risks: Execute rapid, effective countermeasures. • Provide Evidence of Compliance: Demonstrate adherence to regulatory standards. • GDPR Compliance: Protect personal data and meet privacy requirements. • Next-Generation Cyber Resilience: Defend against evolving cyber threats with advanced protection. • Enterprise Security and Compliance: Meet rigorous security and regulatory requirements. • Firmware-Embedded Resilience: Protect devices persistently at the firmware level. • Validation of Secure and Compliant Devices: Ensure only compliant devices access corporate networks. • Optimized Remote Work Security: Strengthen security for remote and hybrid work environments. • Automated Remediation for Incidents: Automatically address critical errors and system issues to ensure seamless operation and stability. With its innovative technology, advanced remediation capabilities, and comprehensive features, Absolute Secure Endpoint empowers organizations to build stronger, more resilient endpoint security ecosystems tailored to modern challenges.

Acadis Readiness Suite

FedRAMP Authorized

Kiteworks Federal Cloud

FedRAMP Authorized

The Kiteworks Private Data Network is a FedRAMP Authorized service at the Moderate Impact Level that provides data security, governance, and compliance capabilities. The service consists of the following core components and functions: System Components - Virtual private cloud (VPC) environment with dedicated servers for each customer - Encrypted file storage system - Data transfer protocols including SFTP, HTTPS, and SMTP - Authentication and authorization services - Audit logging and monitoring systems - Security scanning and threat detection services Core Functions - File transfer and sharing capabilities via web interface, email, SFTP, MFT, and APIs - Role- and attribute-based access control and user authentication - File encryption at rest and in transit using FIPS 140-3 validated cryptographic modules - Audit logging of all system and user activities - Integration with customer directory services (LDAP/Active Directory, etc., see below) - Multi-factor authentication support - DLP integration - Embedded antivirus Possessionless Editing (SafeEDIT) System Components and Functions - File streaming service for secure remote data access and collaboration - Data rendering system for file type conversion - Audit logging system for data interactions - Versioning system for file changes - Authorization validation service - File integrity verification system - Session management service - Access revocation controls - Activity monitoring system Security Features - Customer-managed encryption keys - Single-tenant deployment providing data isolation between customers - Continuous security monitoring and scanning - File-level role- and attributed-based access controls - Remote device management capabilities - Security event logging and reporting - Integration with customer SIEM systems Compliance Capabilities - Audit log generation and retention - Policy enforcement mechanisms - Compliance reporting tools - Data locality controls - Access tracking and monitoring - Chain of custody documentation Integration Interfaces - REST APIs for system integration and SCIM authentication support - SMTP interface for email services - SFTP/FTPS/CIFS/SMB interfaces for file transfer - LDAP/AD, SAML 2.0, Kerberos, PIV/CAC, time-based one-time password (TOTP) authenticators, SMS, and SFTP certificate connectors for authentication - SIEM integration for security monitoring - DLP and CDR system integrations - The system operates within a defined authorization boundary and undergoes continuous monitoring and regular security assessments in accordance with FedRAMP requirements. To learn more about what Kiteworks can do for government agencies, please visit: https://www.kiteworks.com/solutions/government/

Accenture Federal Cloud ERP

FedRAMP Authorized

Accenture Extended Detection and Response (XDR) for government

FedRAMP Authorized

Accenture Insights Platform (AIP) For Government

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Actsoft Workforce Manager for Gov.

FedRAMP Authorized

Connect, Ozone, & Facial Recognition System (COFRS)

FedRAMP Authorized

Acuant is a leading global provider of identity verification, regulatory compliance (AML/KYC) and digital identity solutions. Acuant's Trusted Identity Platform is powered by AI and human assisted machine learning to deliver unparalleled results and operational efficiency. Acuant Connect, Ozone and Facial Recognition System (COFRS) combines four product lines to fulfill the need to authenticate an individual against an identity document they present to establish a trusted relationship. COFRS is a Software as a Service (SaaS) solution that provides an extremely robust basis for identity proofing. The products together authenticate the physical and digital information protecting the authenticity and integrity of the document, provide an assessment of the degree of match of the individual to the photo(s) stored on the document, and perform presentation attack detection via liveness assessment of the individual performing the transaction. - AssureID Connect SaaS authenticates the physical security features of the document - Ozone eMRTD Authentication SaaS ensures the electronic data is cryptographically intact and digitally bound to a trusted issuing authority - Once the document has been determined to be authentic and unmodified from its initial issuance, Acuant FaceID Government SaaS performs a facial recognition match of the photo(s) from the document with the individual presenting the document - Acuant Passive Liveness SaaS performs presentation attack detection to thwart fraud Document authentication is vital part of confirming the identity of an individual. Authenticating a document requires reviewing the physical document for the presence of known security features;features which are specific to each document type and series from a given issuer. The security features that are found on the presented document then need to be compared against the expected/known security features for the specific document and its issuer. Additionally, with the advent of electronic identity documents, the electronic data stored on the document must be authenticated and validated using Public Key Infrastructure (PKI) components to cryptographically assess the data encoded in the chip of the document and their binding to the Issuer. Finally, to ensure the document belongs to the individual presenting the document, a biometric match comparing the image from the document to the individual should be made, and the liveness of the individual must be determined - especially in remote vetting situations.

SkyShaper Technologies

Adobe Experience Manager Managed Services (AEMMS-GC)

FedRAMP Authorized

FedRAMP Authorized

Adobe Learning Manager

FedRAMP Authorized

Adobe Connect Managed Services (ACMS-GC)

FedRAMP Authorized

Adobe Document Cloud including Adobe Acrobat, Adobe Acrobat Sign, and Adobe Acrobat Services (APIs)

FedRAMP Authorized

Adobe Creative Cloud for Enterprise

FedRAMP Authorized

Adobe Analytics

FedRAMP Authorized

Adobe Acrobat Sign for Government

FedRAMP Authorized

Agile RTLS Suite (A-RTLS)

FedRAMP Authorized

Aidin Post-Acute Referrals Module

FedRAMP In Process

AINS dba OPEXUS - eCase

FedRAMP Authorized

Content Delivery Services

FedRAMP Authorized

The Akamai Content Delivery Network provides an 100% available platform to improve the performance and customer experience of your web content while providing robust security protections for your infrastructure – all at the edge of the internet and at an unmatched global scale. Akamai’s solutions are configured through the Akamai Control Center customer portal or via APIs to automate your workflows. Akamai Intelligent Platform infrastructure solutions included in the JAB authorized boundary are: Security - WAAP, WAF, WEP Web Application and API protections powered by an adaptive security engine (ASE) help protect from a wide range of network and application-layer threats with less effort and overhead. This solution is built on our Intelligent Edge Platform and comes prebuilt with performance capabilities that are designed to ensure your websites, web applications, and APIs perform their very best. Cloud-based web application firewall (WAF) — which harnesses visibility across the platform to stop the most sophisticated denial-of-service (DoS), web application, and API-based attacks. Secure Content Delivery Network - for HTTP and HTTPS for delivering secure, high performing and highly available web applications and APIs at scale. Edge enterprise DNS Protection (with DNSSEC) and Global Traffic Management - designed so that Internet users can more reliably get to your websites or any other IP application. It applies an Internet-centric approach to global load balancing to provide high site availability and responsiveness to online user requests. NetStorage - Cloud Storage, cloud-based service designed to meet storage requirements while offering customers cost reduction and a simplified management effort. Globally distributed cloud-based storage that maximizes delivery and performance. Media Services Live - Media streaming services - enabling agencies to stream and provide content to their viewers. Providing a consistent, high-quality viewing experience across the broad variety of network types — fixed or mobile — at varying connection speeds, globally.

Alation Cloud Service

Altana for Government

FedRAMP In Process

FedRAMP Authorized

AWS US East/West

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Appian Government Cloud - High

FedRAMP Authorized

AppOmni SaaS Security for Government

FedRAMP In Process

Apptio for Technology Business Management and Cloud Financial Management (TBM)

FedRAMP Authorized

FedRAMP In Process

Aqua Platform for Government

FedRAMP Authorized

The Aqua Platform for Government is a Cloud Native Application Protection Platform (CNAPP) comprised of fully integrated security and compliance capabilities that visualize, prioritize, and eliminate risk in minutes across the full software development lifecycle. Automated policies for shift-left prevention and runtime detection and response reduce your attack surface and mitigate active attacks—before damaging losses can occur. Aqua empowers customers to unleash the full potential of their digital transformation and accelerate innovation with the confidence that their cloud native applications are secured from start to finish, at any scale. The Aqua Platform is a full-suite cloud service offering that provides customers with the capability to scan, monitor, and manage applications, containers, virtual machines, and workloads, as well as to validate applicable compliance controls and regulations. The Aqua Platform comprises six different service modules, listed below, that provide various scanning and monitoring functionalities: Supply Chain: The Supply Chain module allows customers to perform container image and registry scanning, as well as to scan customer code, images and artifacts as a part of their build pipeline. Workload Protection: Deploys sensors and agents within a customer’s cloud environment to provide protection on customer-defined components via Enforcer functionality. CyberCenter: The CyberCenter service monitors scans and uses comparison against a database aggregated from multiple threat intelligence sources to identify vulnerabilities and malware within container images. Cloud Security Posture Management (CSPM): The CSPM module provides customers the ability to integrate with one or more cloud infrastructure accounts to scan the entire account, correlate events across the account, provide account-wide remediation, and monitor and write compliance controls across the account. From these scans, Aqua Platform for Federal provides customers with an overall score based on identified vulnerabilities and compliance with defined configuration policies. The CSPAAS service acts to allow interfacing between the USE and CSPM services within Aqua Platform for Government.

Armedia Content Cloud

FedRAMP Authorized

Armis FedRAMP Edition (AFE)

FedRAMP Authorized

Armis, FedRAMP Edition (AFE) is an agentless, enterprise-class security platform purpose-built to help organizations discover and secure managed, unmanaged, and IoT devices, including medical devices and industrial control systems (ICS). Armis discovers every managed, unmanaged, and IoT device in any environment, analyzes device behavior to identify risks, vulnerabilities or attacks, and protects critical business information and systems. Armis easily integrates with existing security products. AFE passively monitors wired and wireless traffic in the environment to identify every device and to understand its behavior without disruption. AFE analyzes this data in the AFE Risk Engine which uses device profiles and characteristics from the AFE Device Knowledgebase to identify each device, assess its risks & vulnerabilities, detect threats, and recommend remediation actions. Visibility: AFE closes the Continuous Diagnostic and Mitigation Dashboard visibility gap with unmanaged and IoT devices. AFE discovers and classifies every managed, unmanaged, and IoT device in the environment including servers, laptops, smartphones, VoIP phones, smart TVs, IP cameras, printers, 5G, HVAC controls, medical devices, industrial controls, and more. AFE can even identify off-network devices using Wi-Fi, Bluetooth, and other protocols in any environment. The comprehensive device inventory that AFE generates includes critical information such as device manufacturer, model, serial number, location, username, operating system, installed applications, and connections made over time. In addition to discovering and classifying a device, AFE calculates its risk score based on factors such as vulnerabilities, known attack patterns, as well as the behaviors observed of each device in the environment. This risk score helps security teams understand their attack surface and meet compliance with regulatory frameworks that require identification and prioritization of vulnerabilities. Insights: The AFE Risk Engine continuously monitors the behavior of every device in the environment for behavioral anomalies. Working with the AFE Device Knowledgebase, AFE compares the real-time behavior of each device with: - Historical device behavior - Behavior of similar devices in the Customer's environment - Behavior of similar devices in other environments - Common attack techniques - Information from threat intelligence feeds Actions: With these types of critical device and behavioral insights, AFE is able to identify threats and attacks. When AFE detects a threat, it can alert security teams and trigger automated action to stop an attack. Through integrations with network infrastructure, as well as the Customer's existing security enforcement points like Cisco and Palo Alto Networks firewalls, and network access control (NAC) products such as Cisco ISE and Aruba ClearPass, AFE can restrict access or quarantine suspicious or malicious devices. Easy Integration: AFE requires no agents or additional hardware to deploy. AFE integrates with existing firewalls or NAC, security management systems such as SIEM, ticketing systems, and asset databases. These integrations allow AFE to leverage existing investments to achieve greater value and more automated response.

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Atlassian Government Cloud

FedRAMP Authorized

Atom Power, Inc - ATOM EVSE

FedRAMP Authorized

Masterworks Cloud Platform

FedRAMP Authorized

FedRAMP Authorized

Autodesk for Government

FedRAMP Authorized

FedRAMP Authorized

Built on WordPress, the Content Management System (CMS) that powers 43% of the web, WordPress VIP provides a secure, compliant platform for management for government entities. With industry-leading security protocols, expert support, flexible architectures, plus 99.99% SLA, hourly backups, and reliable uptime, WordPress VIP takes the heavy lifting out of digitizing citizen services and modernizing legacy infrastructure. WordPress VIP is built on top of WordPress, an intuitive, easy-to-use CMS that many government employees already know. By adopting WordPress VIP, IT and technical staff can reduce the amount of support and training required to support their agency. But maintaining WordPress and ensuring the security of a WordPress setup can be challenging, and many solutions built on WordPress do not meet the exacting requirements of federal agencies. Security is WordPress VIP's chief priority. Our data security best practices include end-to-end encryption from edge to origin, resource and data isolation, and encrypted offsite backups. We address physical security through an independently owned and operated network of industry-certified global data centers. Every origin server meets the International Organization of Standardization (ISO), International Electrotechnical Commission (IEC) 27001 certification, Standards for Attestation Engagements (SSAE) No. 18 (SOC1) and SOC2 Type 2, and includes ongoing surveillance reviews. At the application level, every instance is protected with Single Sign-On, SSL/HTTPS/HSTS, required 2FA, and logging and auditing at the application, web server, load balancing, database, and operating system layers. WordPress VIP also fully manages updates and version and responds to any potential security issues immediately, easing the burden of ongoing security and maintenance and lowering total cost of ownership. While our stringent security protocols protect sensitive information, our intuitive and easy-to-use content management workflows make it easy to provide citizens with up-to-date, accessible, and accurate information. Even those with little technical knowledge can successfully navigate WordPress VIP's editing interface with minimal training.

Avature Limited

FedRAMP Authorized

Avaya Government Cloud

FedRAMP Authorized

Avaya OneCloud for Government is a government community cloud, FedRAMP Moderate authorized Unified Communications & Collaboration as a service (UCaaS) plus Contact Center as a service (CCaaS) cloud offering the following to government agencies: Government Community Cloud (GCC) - The Government Community Cloud is a preferred characteristic for Government wide solutions and it comes with less risk to Government agencies than other forms of cloud models (e.g. public). Better customization and security - The Service is a dedicated (not multi-tenant) Unified Communication (UC)/Contact Center (CC) cloud offering. Each agency is provided their own individual software stack/instance on a virtual platform that provides a highly customizable, reliable and secure environment. The Service is monitored and managed 365 x 24 x 7. Industry recognized Avaya Unified Communications (UC) software is at the heart of the Service providing enterprise quality UC features including telephony, unified messaging, mobility, instant messaging & presence plus audio, web and video collaboration. Secure full featured collaboration provides a reservation-less "Meet-me" audio, video and web collaboration virtual room with security code access and the ability to launch the bridge from any phone anywhere. Industry recognized Avaya Contact Center/Customer Experience applications are at the core of the CCaaS offer with composability via myriad Avaya ecosystem partners to deliver rich and effective customer experience solutions including, skills-based routing, CC reporting/management, call recording, quality monitoring, analytics, workforce management, workforce optimization, self-service with natural language speech recognition, proactive outbound calling, callback assistance, AI, chatbots, digital channels, etc. Emergency Calling Compliance - Kari's Law and Ray Baum’s Act compliance via optional emergency calling solution all authorized by FedRAMP. Predictable Operational Expense (OPEX) billing model underpins the Avaya OneCloud for Government service.

AvePoint Online Services for US Government (AOS-UG)

FedRAMP Authorized

AvePoint Online Services for US Government provides centralized management, governance, backup, migration, reporting, information lifecycle management, and more for your multi-SaaS workloads all in one platform. When collaborating across workplace technologies, proper governance, security, and resilience approaches are critical. Native capabilities often fall short, leading to operational inefficiencies, increased risk, and difficulty assuring compliance. As AvePoint’s Confidence Platform for the Public Sector, AvePoint Online Services for US Government supplements these native capabilities to achieve comprehensive data management and governance, and ensure your organization is prepared for AI while driving usage, adoption, and maximizing return on investment. With AvePoint Online Services for US Government, public sector organizations can leverage the functionalities below to confidently navigate the complexities of modern digital collaboration, ensuring their data is secure, compliant, and efficiently managed. AvePoint Opus – Optimize cloud storage & manage information lifecycles for Microsoft 365 AvePoint tyGraph – Workforce analytics for Microsoft 365 AvePoint Virtual Assistant (AVA) - data recovery and AI chatbot Cense – License Management for Microsoft 365 Cloud Backup – Backup and protection for services in Microsoft 365, Microsoft Dynamics 365, Azure, Google Workspace, Google Classroom and Salesforce Cloud Governance – Structured cloud workspace control for Microsoft 365 Cloud Management – Automated Microsoft 365 administration Confide – Secure internal and external collaboration for complex projects Curricula – Corporate Learning Management System Elements – Mult-tenant management for Microsoft 365, Dynamics, Azure, Salesforce, and Google Workspace EnPower – Access management for Microsoft 365 Examena – Digital Assessment management Fly (SaaS) - SaaS based tenant-to-tenant migration solution to or within Microsoft 365 Insights – Security reporting for Microsoft 365 MyHub – Centralized collaboration Hub for Microsoft 365 Policies - Microsoft 365 security management and enforcement. ReCenter – End-user file restore for Microsoft 365 and Google Workspace

Avue Digital Services

FedRAMP Authorized

Avue is a web-based, outsourced, digital service delivery system offered by Avue Technologies Corporation; remotely-hosted in the Amazon GovCloud, and remotely-managed by Avue Technologies Corporation in Tacoma, Washington. The Avue service is provided through a single interface to handle all aspects of human capital management. Avue is a Software-as-a-Service (SaaS) cloud-based Human Capital Management and Operations Management platform. Avue is the leader in federal talent acquisition, talent management, talent science, and human capital technology solutions. The platform serves include a diverse array of agencies that include Title 5 and alternative personnel systems such as Title 38, Title 10, Title 32, and FIRREA. Avue is a native-federal HCM platform offered as a SaaS/cloud solution, with 99.9% uptime, since 2001. Avue's offering includes a five component solution: (1) the native federal enterprise SaaS platform, (2) highly expert Avue staff available online and onsite to ensure the platform is responsive to the client's operational needs, (3) embedded IT services that ensure all elements of the technology and data flow and operate seamlessly with the client's IT environment, (4) social media, communications, and marketing services for online-, mobile-, and social-media based talent acquisition, and (5) on-demand HR staff augmentation to add capacity and assist agency HR staff with Avue HR experts, in any location at any time. Avue's database contains job duties, skills, and competencies, developmental activities, training courses, performance standards, recruitment criteria and applicant assessment criteria, along with a range of other associated content. This database and its companion rules engines allow Avue to deliver services in a rapid and efficient manner while at the same time ensuring compliance with statutes and regulations, notably the Uniform Guidelines on Employee Selection Procedures, governing OPM and delegated examining regulations, and the federal Merit System. Avue's services are bundled with the database and technology platform in a manner that ensures delivery of the services are not only compliant but responsive to managemen'’s needs, quick, and superior in quality and result. Avue is HRLOB certified by OPM, OMB, and GSA for both Core and Non-Core HR services including Classification, Staffing and Recruitment, Performance Management, Enterprise Learning Management, Worker Compensation, Payroll, Time and Attendance, Benefits and Retirement Management, Organization Optimization, and Workforce Planning and Management - a total of 15 modules. Avue Technologies is currently interconnected to electronically post vacancies to USAJOBs and receive online application and with the National Finance Center (NFC) for personnel actions and workforce management activities.

Axiad Conductor

FedRAMP In Process

US Axon FedCloud - High

FedRAMP Authorized

Axonius Asset Cloud

FedRAMP Authorized

Aztec Learning System

FedRAMP In Process

PMP Government-Gateway

FedRAMP Authorized

Bentley for Government

FedRAMP In Process

Cuick Trac Managed Enclave (CTME)

BetterUp for Government

FedRAMP Authorized

Secure Remote Access

FedRAMP Authorized

Bizagi Cloud for US Government

FedRAMP Authorized

BlackBerry Cloud - AtHoc Services for Government (High)

FedRAMP Authorized

Blackboard Learn SaaS

FedRAMP Authorized

FedRAMP In Process

FedRAMP Authorized

Blink Network provides a comprehensive solution for electric vehicle (EV) charging, employing a container-based, microservices architecture to allow for the management of charging stations, as well as a wide array of host and driver services. Charger Services The core of the Blink Network revolves around its charger services, which include: Access Control and Billing: Users are authenticated and billed based on their usage. The system supports detailed billing that can differentiate between driver pricing and other billing factors. Charging Session History: Each charging session is logged, capturing details such as duration, energy consumed, and cost, enabling precise tracking and management. Charging Station Configuration: Administrators can configure charging stations remotely, setting parameters such as maximum output and scheduling. Customer Services To enhance the EV driver experience, Blink Network offers several customer-oriented services: Station Locator: Drivers can find available public charging stations via the network, ensuring they can charge their vehicles conveniently. Session Management: Drivers can start and pay for charging sessions directly through the platform, supported by a seamless payment gateway. Notification Alerts: Users receive notifications about their charging status and other relevant alerts, enhancing communication and user engagement. Station Management Station management is critical for operational efficiency and includes: Pricing Policy Management: Administrators can set and adjust pricing based on duration or kWh used, allowing for flexible and dynamic pricing strategies. Access Policy Settings: Stations can be configured for public, private, or mixed use. Public stations can be integrated with popular mapping services like Google and Apple Maps for easy accessibility. Reporting: Comprehensive reports are available, detailing transactions, energy usage, revenue, station utilization, and environmental impact metrics. Real-time Monitoring: Continuous monitoring of station status with alerts ensures high uptime and prompt response to issues. Driver Mobile App The driver-facing component of the Blink Network includes: Account Management: Drivers can manage their profiles, set notification preferences, and enter payment information for automated billing. Charging Management: The app provides functionalities to find stations, check availability, initiate, and pay for charging sessions, all in real-time. API Integration API capabilities are central to the system, facilitating: Charging Operations (OCPI): Supports authentication and control of charging sessions. Charger Information (OCPI): Delivers real-time data on charger status, tariffs, and locations. CDR and Reports (OCPI): Provides detailed reports on energy consumption, parking duration, and costs for effective management. Data Security Data integrity and security are prioritized with stringent measures for data at rest and in transit, including: Host Information: Only essential details are stored, ensuring privacy and compliance. Driver Information: Sensitive information such as credit card details are tokenized; actual card numbers are never stored. Charging Station and Session Details: Comprehensive logging includes all transactional data without compromising user privacy.

Bluescape for Government

FedRAMP Authorized

FedRAMP Authorized

BMC Helix in the AWS cloud accelerates agencies on their enterprise modernization journey. Organizations that are migrating to the cloud require a process that is seamless, successful, and uncompromising on security. This is particularly important to federal agencies that are experiencing ever-changing and demanding missions. Some highlights of the BMC solution include but are not limited to: * BMC Helix Portfolio Management – A comprehensive graphical tool that seamlessly connects Project and Portfolio Management with idea sourcing, idea management, and demand generation * BMC Helix Operations Management with AIOps – Predictive IT with AIOps, with service-centric monitoring, advanced event management, root cause isolation, and intelligent automation to improve performance * BMC Helix Continuous Optimization – Predictive analytics to manage IT resources with support for Kubernetes and pods, microservices, containers, and multi-cloud * BMC Helix Discovery – Discovery and dependency modeling delivers instant visibility into hardware, software, and services across multi-cloud, hybrid, and on-premises environments * BMC Helix ITSM (with Digital Workplace) – The gold standard in service management (previously authorized – now updated to v21.3) BMC Helix empowers organizations to: * Enable proactive service resolution, providing the ability to monitor, service, and remediate events as they occur * Accelerate agency enterprise modernization * Drive innovation as part of their digital transformation * Reduce costs and increase efficiencies * Deliver the industry-leading enterprise service management SaaS solution from the AWS cloud * Deliver the industry-leading enterprise operations management with AIOps SaaS solution from the AWS cloud * Leverage a modern persona based UX optimized across devices * Manage with powerful, stunning reports and visualizations allowing data driven insights Optimized for ITIL® 4, a leader in the Gartner Magic Quadrant for IT Service Support Management Tools and optimized specifically for government agencies, BMC Helix is hosted in the FedRAMP compliant Amazon Web Services (AWS) cloud and can be tailored to the needs of any agency with rapid implementations, flexible configuration, huge scalability and easy upgrades. Agencies using this service * Corporation for National & Community Service (CNCS) * Department of Agriculture * Office of Personnel Management * United States Forest Service

Apricot for Government

FedRAMP Authorized

Boomi AtomSphere is a cloud-native integration Platform-as-a-Service (iPaaS) technology that lets you connect everyone to everything. As a SaaS - based technology it is faster, easier to use, less costly, and more flexible than legacy integration tools and techniques. As a pioneer and leader in Gartner's Enterprise iPaaS Magic Quadrant for 8 years in a row, the Boomi SaaS AtomSphere Platform has been solving the needs of government customers with end-to-end capabilities by integrating applications, systems, and connecting people. Boomi delivers in three key areas for our customers: - Modernization and Digital Transformation: Boomi is a key part of any modern IT foundation and enables the transformation of operations, ensuring proper connectivity and smooth data exchange when applications and infrastructure are migrated and consolidated. - Accelerating Cloud Smart Adoption: Speeding up cloud adoption to boost operational efficiency and implement shared services to foster collaboration and increase engagement. - Improving Constituents' Experience: Bringing together workforce processes and workflows from across organizations for a streamlined approach to customer experience and serve employees, partners, contractors, and citizens better. Covered by our FedRAMP Authorization are the following cloud products: - Integration: Overcome IT complexity and break down data silos by integrating on-premises and cloud application, various data sources and devices with Boomi Integration. Create a fabric of connectivity to unlock productivity and thrive within your digital technology foundation. Boomi Integration accelerates time to value leveraging a drag and drop UI, data mapping tools, and a comprehensive library of connectors, coupled with support for various integration patterns enable you to build any integrations with exceptional speed. - Master Data Hub (MDH): Boomi Master Data Hub is a cloud-native master data management (MDM) solution that sits at the center of the various data silos within your organization - including your existing MDM solution, to provide you an easy to implement, scalable, flexible, and secure master data management hub as a service. - API Management (APIM): Boomi API Management supports the full lifecycle of APIs in a hybrid environment. Configure APIs and expose real-time integrations effortlessly. Centrally test and deploy APIs and enforce contracts and policies with an API gateway. Monitor the health of APIs with usage dashboards and engage API developers using the catalog and developer portal. - B2B/EDI Management: Effectively integrate with your vendors, suppliers, distributors, partners, and marketplaces to simplify processes and trade smarter. Built-in support for a wide variety of traditional and modern EDI standards including XML, X12, EDIFACT, HC7, RosettaNet, Tradacoms, as well as the ability to define custom standards. - Flow: The drag-and-drop interface simplifies how agencies connect data across systems, replace manual processes, and collaborate cross-functionally. Flow allows you to build applications at scale, easily connect your data and flexibly deploy apps anywhere they are needed. - Boomi Managed Cloud Services (MCS) leverages the Boomi Public Cloud solution and provides further isolation and ancillary services in support of a Boomi Private Cloud. The service has been engineered to address security at three distinct points: network, application, and data; this three-tiered security approach is designed to protect data from unauthorized parties, keep it safe in transit and at rest, and allow customer access as needed. Boomi manages all aspects of MCS runtime instances, sparing MCS customers any work involved in configuring, monitoring, and managing hardware and software for Boomi processes.

Supply Chain Master Catalog (SCMC) Government Cloud Solution

FedRAMP Authorized

Box Enterprise Cloud Content Collaboration Platform

FedRAMP Authorized

Omega Charge Management System

FedRAMP Authorized

Asset Management Suite (AMS)

FedRAMP In Process

FedRAMP Authorized

Symantec Gov Cloud Security (GCS) - High

FedRAMP Authorized

Symantec Gov Cloud Security (GCS) is designed to provide security to U.S. government agencies’ networks and protection for their information. It leverages common foundational components that support several individual Symantec cloud services in a single boundary. The following Symantec solution(s) are FedRAMP authorized: - Symantec Gov Cloud – Web Protection Symantec Gov Cloud – Web Protection, which includes the Symantec Cloud Secure Web Gateway (Cloud SWG), allows federal agencies to apply network security policies across web and cloud applications. It helps protect users with web and cloud security services that connect all devices to a FedRAMP-authorized intelligent control point for high-performance, cloud-based threat protection services. Configure and enforce web and cloud application access-control policies that streamline security operations and reduce operational and maintenance costs, while also improving user productivity. - Deliver the foundation for a complete Security Service Edge (SSE) solution through a single SKU. - Authenticate users and enforce user, group, and location-based security controls, regardless of their location or device. - Simplify the user experience through a single agent that orchestrates inspection through multiple layers of security. - Control employee access to Shadow IT cloud apps (unsanctioned cloud applications) to reduce the attack footprint, and ensure security, while maintaining productivity. - Deliver a proxy-based architecture that delivers Secure Web Gateway and Advanced Threat Protection that terminates, inspects, and controls high volumes of web and cloud traffic, even when it is SSL/TLS encrypted. - Set policies based on website content-based classifications and threat risk levels for consistent and acceptable use and prevent users from accessing known and unknown malicious sites. - Classify URLs in 80+ categories covering more than 50 languages for comprehensive analysis and threat detection. - Enable application-level point-to-point connectivity, cloaking all resources from the end-user devices and the internet. - Block high-risk and advanced threats with multilayer file inspection to prevent the download of malicious files that will compromise the agency’s security. - Threat Risk Levels – Set web access policies based on a URL’s relative level of threat risk. Symantec Gov Cloud – Web Protection delivers an added layer of protection that actively safeguards an agency’s digital assets. User-based licensing of Symantec Gov Cloud – Web Protection provides the option to also deploy any number of on-premises appliances (physical or virtual), depending on an agency’s use case for either a full cloud, on-premises Edge SWS, or hybrid solutio

FedRAMP Authorized

Canon Office Cloud – Managed Print Services

FedRAMP Authorized

Casepoint Government

FedRAMP Authorized

Cellebrite Government Cloud (CGC)

Gen3 Data Ecosystems Platform

FedRAMP Authorized

Gen3 Data Commons Service

FedRAMP Authorized

FedRAMP Authorized

Customer Feedback Management System (CFMS)

FedRAMP Authorized

Momentum Enterprise Suite

FedRAMP Authorized

CGI Federal IaaS Cloud

FedRAMP Authorized

Sunflower Asset Management Cloud (SAMC)

FedRAMP Authorized

FedRAMP Authorized

Electric Vehicle Infrastructure Platform for Government

FedRAMP Authorized

Check Point Infinity Platform for Government

FedRAMP In Process

Check Point Infinity Platform for Government is designed to provide a robust, unified cybersecurity solution tailored to meet the stringent security and compliance requirements of federal agencies. This platform integrates advanced threat prevention, secure email, and centralized management capabilities to safeguard federal data and systems against evolving cyber threats. The initial package includes the following components: Harmony Email: This solution provides advanced protection for email such as Microsoft 365 and GMail, against phishing, malware, ransomware, and account takeover attacks. It ensures secure communication and collaboration for federal agencies by leveraging AI-driven threat detection and prevention. ThreatCloud AI: ThreatCloud AI serves as the backbone of Check Point's threat intelligence ecosystem. It aggregates and analyzes global threat data in real-time, enabling proactive identification and mitigation of threats. ThreatCloud ensures that federal systems are continuously updated with the latest threat intelligence to prevent zero- day attacks and other sophisticated cyber threats. Infinity Portal: The Infinity Portal acts as a centralized management console, providing federal agencies with a single pane of glass to manage their cybersecurity posture. It enables streamlined policy enforcement, real-time monitoring, and comprehensive reporting, ensuring compliance with federal security standards. System Functionality and Use Case The Check Point Infinity Platform for Government is designed to: Protect Federal Systems and Data: By integrating advanced threat prevention and real-time threat intelligence, the platform safeguards federal systems against known and emerging cyber threats. Enhance Collaboration Security: Harmony Email and Collaboration ensures secure communication and collaboration within and across federal agencies, reducing the risk of data breaches and unauthorized access. Simplify Security Management: The Infinity Portal provides centralized visibility and control, enabling federal IT teams to efficiently manage their cybersecurity infrastructure and maintain compliance with federal regulations. Support Cloud-First Initiatives: The SaaS-based architecture aligns with federal cloud adoption strategies, providing scalability, flexibility, and cost efficiency. Federal Data Stored, Processed, or Transmitted: The "Check Point Infinity Platform for Government" is designed to handle various types of federal data, including: Personally Identifiable Information (PII): Such as employee or citizen data processed through email and collaboration tools. Sensitive But Unclassified (SBU) Data: Including internal agency communications, reports, and operational data. Controlled Unclassified Information (CUI): Such as data related to federal programs, contracts, or research that requires safeguarding. Threat Intelligence Data: Aggregated and analyzed within ThreatCloud to enhance the security posture of federal systems. The platform ensures that all data is stored, processed, and transmitted in compliance with federal security standards, including encryption in transit and at rest, access controls, and continuous monitoring to detect and respond to potential threats.

Chronus for Government

FedRAMP Authorized

FedRAMP Authorized

CirrusMD Virtual Health Chat for Government

FedRAMP Authorized

Spaces for Government

FedRAMP In Process

AppDynamics GovAPM

FedRAMP Authorized

Cisco Unified Communications Manager Cloud for Government (Cisco UCM Cloud for Government)

FedRAMP Authorized

Cisco Unified Communications Manager Cloud for Government (Cisco UCM Cloud for Government) is a complete unified communications service from the Cisco Cloud. It is built to provide government-level security so that organizations can collaborate with anyone, anywhere, on any device. The service is hosted by Cisco, sold by Cisco Powered partners. Cisco UCM Cloud for Government provides these core services: Voice and Video Calling:Simplify with industry-leading voice and video as a service. Cisco UCM Cloud for Government provides voice and video call control and supports Cisco's newest voice and video endpoints ranging from desktop phones, immersive video rooms and mobile and desktop clients. Voicemail and Integrated Messaging:Access messages the way you prefer from your desk phone, mobile phone, or desktop client. Instant Messaging and Presence:Cisco Jabber lets you find the right people, see if and how they are available, and collaborate using your preferred method. Use Cisco Jabber for presence, instant messaging (IM), voice and video calling, voice messaging, desktop sharing, and conferencing. Single App Experience:Webex for Government and Webex App allows customers to call, meet, and message on any device with a single unified application from Webex. Webex App brings together Cisco UCM Cloud for Government call control along with market leading Webex Meetings technology and advanced team collaboration capabilities including persistent messaging and file sharing. Conferencing:Use Cisco conferencing solutions to meet and manage meetings and projects in real time, to present, share, or collaborate from anywhere, anytime, on any device. Mobility:Cisco UCM Cloud for Government gives your mobile and remote users the freedom to be productive from anywhere, on any device. Give users one number to dial, redirect incoming calls to designated phones, move calls between a Cisco desktop and mobile phones, create personalized access lists, and give access to all your corporate collaboration features from mobile phones using Webex App or Cisco Jabber.

Cisco Cloudlock for Government

FedRAMP Authorized

Cisco Meraki for Government

FedRAMP Authorized

Webex for Government

FedRAMP Authorized

Webex for Government addresses the U.S. public sector’s collaboration needs in a single, secure package, relieving customers of the complexity of managing multiple point products from different vendors. The Webex for Government Suite provides a core set of capabilities that enable a hybrid workforce to collaborate securely and effectively from anywhere, on any device, and with anyone. Those core capabilities include: • Webex for Government Meetings simplifies your company’s workflows at scale. Equip your team with the most powerful tool to meet and exceed your agency’s goals. • Webex for Government Messaging keeps work flowing in between meetings with rich messaging and secure file sharing for continuous teamwork. • Webex for Government Calling is a proven cloud calling solution that delivers enterprise-grade calling functionality, enabling you to replace your on-premises PBX network with a globally trusted cloud calling solution. Webex Calling also provides powerful tools like voice queues and call routing to strengthen customer relationships. • Webex for Government Webinars simplifies webinar delivery and drives engagement with immersive content and interactive audience experiences. • Webex for Government Control Hub provides a centralized and comprehensive administrative portal for all your collaboration services. Whether you need to collaborate with remote colleagues, reach hybrid users, host webinars, address customer complaints, or offer technical support remotely, the Webex for Government Suite is the secure, compliant, collaboration solution. With Webex for Government Suite, you can reimagine your work by optimizing collaboration through AI-enabled software and hardware. It also helps you to reimagine your workspaces through collaboration devices that are purpose-built for your diverse needs and spaces. This collaboration solution can take your hybrid work setup from “good enough” to one that empowers your teams to collaborate seamlessly and securely so that you can focus on delivering additional business outcomes.

Cisco Umbrella for Government

FedRAMP Authorized

Cisco Umbrella for Government is a Cloud driven Secure Internet Gateway that provides protection from Internet based threats, for users wherever they go. Umbrella’s network is capable of processing billions of requests per day, analyzing and learning internet activity to determine where attacks are being staged, so it can block requests to unwanted and malicious destinations before a connection is even established. Cisco Umbrella for Government is a SaaS environment hosted on AWS GovCloud providing Cisco Umbrella services to government customers. Umbrella services hosted within Cisco Umbrella for Government are based on Cisco product lines available to end customers. The Cisco Umbrella for Government environment is designed and operated based on security compliance and operations best practice by automating the build and operational processes as much as possible using Infrastructure as Code (IaC), CIS benchmarks, vulnerability scanning, continuous monitoring of critical security controls and a managed system development process to obtain initial and continuous FedRAMP Moderate Approval to Operate (ATO). With the initial ATO, Cisco will be launching DNS-layer-security initially, GovDNS: DNS-layer security helps protect customers users on and off the network by stopping threats over any port or protocol before they reach customer network or endpoints. This will be followed by Secure Web Gateway, Cloud delivered Firewall, CASB, and DLP features. Cisco Umbrella for Government is hosted within AWS GovCloud as the Cloud Service Provider (CSP) which assures product lines are maintained in a secure and trusted environment. Umbrella for Government boundary includes the Production environment consisting of virtual compute, storage, databases, and internal management web applications. Umbrella for Government’s external Identity Provider (IdP) Okta (IDaaS Regulated Cloud) is used in tandem with AWS IAM supporting Single Sign-on (SSO) services. Duo Federal is used for multifactor authentication (MFA). Cisco Umbrella for Government meets GovCloud Moderate requirements with specific categorization of Moderate Confidentiality, Moderate Integrity, Moderate Availability (M-M-M) with no privacy data overlay based on the FedRAMP Federal Information Processing Standard (FIPS) 199 Categorization Template. Cisco Umbrella for Government is designed with defense-in-depth protection for hosted applications and workloads using network filtering, multifactor authentication, transport layer security, data-at-rest protection, near real time audit collection and analysis, intrusion detection, vulnerability analysis and system backups.

Cisco ThousandEyes for Government

FedRAMP In Process

Cisco Catalyst SD-WAN for Government (SDWAN-G)

FedRAMP Authorized

Cisco Catalyst SD-WAN for Government (SDWAN-G), powered by Cisco Viptela/IOS XE, is a highly secure, cloud-scale architecture that is open, programmable, and scalable. All vetted and monitored through the rigorous FedRAMP authorization process. Use it to connect data centers, branches, campuses, and colocation facilities to improve network speed, security, and efficiency. Cisco Catalyst SDWAN-G is a cloud-delivered overlay WAN architecture connecting branches to data centers and multi-cloud environments through a single fabric and single pane of glass. Cisco Catalyst SDWAN-G helps ensure a predictable user experience for applications optimized for SaaS, IaaS, and PaaS connections. Comprehensive on-premises and cloud-based security protect against cyberthreats while enabling IT teams to accelerate the transition to a Secure Access Service Edge (SASE) architecture where and when it is needed. Cisco Catalyst SD-WAN Government (SDWAN-G) is owned, operated, and supported directly by Cisco for use in government offerings, providing the following capabilities: - Enhanced Visibility: Extend your network visibility and observability with our core government self-service portal. You'll gain actionable insights to help you transform network operations from reactive to highly proactive model. - Right Security, Right Place: On-premises or cloud-based security with secure SDWAN-G helps to accelerate the transition to a secure access service edge (SASE) architecture where and when it's needed. - Operational Simplicity: With a highly visualized interface and intuitive user experience for simplified configuration, management, operation, and monitoring across the Cisco Catalyst SDWAN-G fabric. The Cisco Catalyst SDWAN-G solution comes with pre-configured templates to automate and expedite the deployment of most common use cases. Guided step-by-step configuration designed to intelligently expedite onboarding of new devices, and full integration of unified communication, and security into Cisco Catalyst SDWAN-G. The Cisco Catalyst SDWAN-G solution is segregated into four planes with four key components: Manager - In the management plane, the Cisco Catalyst SD-WAN Manager is the centralized network management system and represents the user interface of the solution. Network administrators and operators can configure, provision, troubleshoot, and manage the entire overlay network from a simple graphical dashboard. Validator - In the orchestration plane, the Cisco Catalyst SD-WAN Validator automatically orchestrates connectivity between edge devices and Controllers. The Validator is largely responsible for the provisioning process as well as first-line authentication, control/management information distribution, and facilitating Network Address Translation (NAT) traversal. Controller - In the control plane, the Cisco Catalyst SD-WAN Controller is the component responsible for enforcing policies centrally. When branches come online, their routing information is exchanged with the Controller and not directly with other branches. The Controller works with the Validator to authenticate edge devices as they join the network and to orchestrate connectivity among the edge devices. Edge Devices - In the data plane, the Edge devices are responsible for establishing the network fabric and handle the transmission of data traffic. Edge devices come in multiple forms, virtual and physical, and are selected based on the connectivity, throughput, and functional needs of the site. The operating system of the Edge devices is securely developed and tested as part of Cisco’s Secure Development Lifecycle (CSDL) prior to releasing a version for the customer to deploy. In-boundary scanning of the operating system deployed with Edge devices for Cisco Catalyst SDWAN-G are scanned as part of Cisco’s continuous monitoring strategy. Collectively, the architecture of the Cisco Catalyst SDWAN-G fabric simplifies IT operations with automated provisioning, unified policies, streamlined management to help ensure rapid updates and resolutions, advanced network functionality, resiliency, and security. From a single pane of glass, Cisco Catalyst SDWAN-G helps organizations avoid complex configurations and frequent policy changes that lead to uneven user experiences, thereby increasing overall network efficiency and reliability.

Citrix for Government

FedRAMP Authorized

Social Media Archiving

FedRAMP In Process

FedRAMP Authorized

Clarivate Intellectual Property AI & Image Search Platform (CIPAI-ISP)

FedRAMP Authorized

FedRAMP In Process

Cloudera for Government

FedRAMP Authorized

Cloudera for Government is a secure and governed cloud service platform that offers a broad set of enterprise data cloud services with data analytics and artificial intelligence functionality. With Cloudera for Government, users can create and manage secure data lakes, self-service analytics, and machine learning services without installing and managing the data platform software. Cloudera for Government services are managed by Cloudera, but the customer’s data remains under their control in their AWS cloud account. Cloudera for Government lets customers: • Control cloud costs by automatically spinning up workloads when needed, scaling them as the load changes over time and suspending their operation when complete. • Isolate and control workloads based on user type, workload type, and workload priority. • Combat proliferating silos and centrally control customer and operational data across multi-cloud and hybrid environments. Cloudera for Government contains several layers of infrastructure, operations software, networks, and the CDP services. The two primary components of the solution are the CDP Control Plane and the Customer Workload Environment. The CDP Control Plane provides a set of core services that perform several functions across the platform. Control Plane services are implemented in a microservice architecture running on Kubernetes. These services can be configured and scaled independently based on their function. Each service performs a specialized function, and services can also communicate with other services within the Control Plane. Each set of microservices that performs a specific function is isolated from other sets of microservices. This segregation permits each set of microservices to have its own identity, allowing for differentiation of access between system components. The Workload Environment is a cloud account that has been associated with a customer tenant inside the Control Plane. A tenant is a group of users that share access to a specific set of resources and a billing relationship with Cloudera. In general, each Cloudera for Government customer is a single tenant, but large organizations may have multiple tenants. When a CDP service, such as a data lake, gets created, it gets created within a Workload Environment. The customer Workload Environment is separate from the Control Plane and resides within the customer’s AWS account outside the system authorization boundary.

Cloudflare for Government

FedRAMP Authorized

SafeShare (SFS)

System Functionality: SFS is a zero-trust data security, sharing, and collaboration web platform that uses Cocoon Data-patented technology called Secure Objects to apply the principles of least privilege to the document level. SFS is a system similar to services such as Google Drive or Box. It enables the customer to securely share files and collaborate on them within the SFS web app. The difference is in how SFS implements encryption and the concept of zero-trust security with these files by encapsulating them in Cocoon Data-patented technology called Secure Objects. Each file has a unique encryption key tied to identity and access controls attributes such as clearance and classification. The SFS SaaS solution allows customers to securely store, share, and control access to encrypted files and folders within the customer’s organization, outside the authorization boundary, and from mobile devices through a self-contained unit called an “organization.” An organization (deployed customer tenant) is self-contained, meaning that the sharing and manipulation of content is handled solely within the scope of the organization itself; therefore, any SFS user’s ownership of content (including permissions to access the customer’s content/data) is specific to each organization. Through the implementation of Secure Objects, the identity of the user is validated through the identity provider (Lightweight Directory Access Protocol [LDAP], Personal Identity Verification [PIV], etc.) that ties the identity of the data owner to its associated encryption keys. Secure Objects must be associated with a key (for encryption) and an originator (data owner). Customers have the option to designate collaborators, metadata, and apply extensive access controls to their data. SFS is available to customers with two options for tenancy: Customers may use the shared tenancy option where they receive their own Organization within the SFS application. This option logically separates customers within the SFS application but each file is encrypted using Cocoon Data’s proprietary Secure Objects technology and the Cocoon Data Content Crypto Service cryptographic module (CMVP# 4307). Customers may opt for the private tenancy option where they receive their own instances of the SFS Application. The customer would have their own custom URL for logging into the system and their own dedicated infrastructure. This option allows the customer to set up multiple Organizations as they see fit to further control which of their users can access what files they’ve uploaded to SFS. The private tenancy option is the recommended option for Federal Agencies as it offers the strongest separation measures from other customers. The services/functions provided to the customer by SFS are delivered via containerized services. Containerization is used across multiple availability zones for redundancy. The containers that run the service are the Content Service, Access Service, GeoFence Service, Notification Service, Web Service, Office Server Service, API Server, etcd, Controller and Scheduler. Content Service The Content Service contains the FIPS validated Cocoon Data Content Crypto Service (Certificate #4307). This service is responsible for handling the encryption keys, content encryption, version control, integrity checks and overall management of the data. Access Service The Access Service contains the Cocoon Data Access Service. This service is responsible for the access control to the Cocoon Data system, internal authentication, external LDAP authorizations, and SAML 2.0 authentications. It is also responsible for determining if a user has access to files or not based on a multitude of factors including but not limited to; clearances and classification, geographic location of the user and geofencing, user security roles, and security permissions. The scope of access to documents can also be further restricted so that users with access will only be able to perform specific actions on the file. An example would be giving a user view, but not download permissions.

FedRAMP Authorized

Cofense PhishMe

FedRAMP Authorized

Cofense PhishMe enables organizations to improve employee resiliency to phishing attacks through real-life simulated phishing scenarios. Thousands of the world's largest organizations in both public and private sector rely on PhishMe to condition employees to recognize and report phishing attacks. PhishMe enables trained awareness and compliance personnel to run simulated attacks using email templates that look like actual phishing attacks and includes on-the-spot educational content that displays when recipients click on one of the simulated phishing emails. For example, a scenario email might alert recipients that their (e.g. banking) credentials were compromised and ask the recipients to click a link in the email to reset their password. If a recipient does click the link, PhishMe displays educational content to help that individual recognize the characteristics of a phishing email. Through these safe examples, PhishMe customers can help their employees develop an awareness of the risks that real phishing emails pose and reduce their susceptibility of engaging with such emails in the future. To maximize the effectiveness of simulation campaigns and reduce the burden on awareness teams, Cofense PhishMe provides a combination of unique capabilities: - Content is based on real phishing attacks gleaned from real threat intelligence. That means that the scenarios you run are as realistic as possible, ensuring your organization is conditioned to the latest threats. - Responsive Delivery allows simulation operators to deliver phishing simulations while the user is active in their inbox, which drives higher scenario engagement. - Predefined playbooks with scenario recommendations based on user behavior and best practices. - PhishMe helps organizations transform their employees into the last line of active defense against phishing attacks - the leading cause of data breaches - through education, ongoing simulations, and an easy to use reporting tool, Cofense Reporter, so organizations can swiftly detect, respond to and thwart phishing attacks in their tracks.

LambdaX Contract Lifecycle Management (CLM) for Government

LambdaX is an AI-powered Contract Lifecycle Management (CLM) platform developed by Cognitus, designed to support the creation, negotiation, execution, management, and analysis of contracts. As a Cognitus product, LambdaX combines industry expertise with cutting-edge AI to deliver a robust solution tailored for government agencies, contractors, enterprises, and organizations requiring secure and efficient contract management. LambdaX offers a comprehensive suite of tools and features to streamline the entire contract lifecycle and can be deployed in various environments to meet FedRAMP-compliant security requirements. Core Functionalities: - Contract Creation – Tools for drafting, authoring, and assembling contracts, including support for templates and clause libraries. - Contract Negotiation and Collaboration – Features for internal and external collaboration on contract terms, including version control, redlining, and audit trails. - Contract Approval Workflows – Configurable workflows for routing contracts through internal and external approval processes. - Contract Execution – Support for electronic signatures and secure storage of executed contracts. - Contract Management – A centralized repository for storing and managing contracts, with search and reporting capabilities. - Obligation Management – Tracking of key dates, deliverables, and milestones within contracts. - Contract Analytics – Reporting and analytics on contract data, including risk assessment and performance metrics. - AI-Powered Features – Proprietary AI models developed by Cognitus enable: - Contract clause extraction and analysis. - Risk assessment and identification of non-standard clauses. Enterprise Integration: LambdaX provides API-based integration with external systems, ensuring smooth interoperability with enterprise platforms, including SAP, Salesforce, and other major ERP/CRM solutions. Security & Compliance: Built with Cognitus’ industry-leading security framework, LambdaX ensures compliance with FedRAMP, CMMC, and other federal security standards. Key security features include: - Role-Based Access Control (RBAC) – Granular control over user permissions and data access. - Multi-Factor Authentication (MFA) – Enhanced security for user authentication. - Encryption in Transit – All communication is encrypted using TLS 1.2 or higher. - Encryption at Rest – Data is encrypted using FIPS 140-2 validated cryptographic modules (where applicable). - Audit Logging – Comprehensive audit trails track all user activity and system events.

Cohesity Cloud Services for Government

FedRAMP Authorized

FedRAMP Authorized

Collibra Data Intelligence Cloud (CDIC)

FedRAMP Authorized

Commvault Cloud for Government

FedRAMP Authorized

Complete Discovery Source Federal Cloud (CDS-F)

FedRAMP Authorized

Concur Cloud for Public Sector

FedRAMP Authorized

Concur Cloud for Public Sector is a multi-tenant government-community cloud environment that hosts SAP Concur’s extensive suite of travel and expense cloud solutions, hosted on AWS GovCloud Infrastructure. Concur Cloud for Public Sector is designed for the U.S. Public Sector, managed by SAP Concur personnel on U.S. soil, and ensures data security, confidentiality, and availability without compromising usability standards of travel and spend management solutions. SAP Concur U.S. soil requirements do not necessarily extend to external services leveraged by Concur Cloud for Public Sector. Customers can be federal, state, local, tribal, territorial, federally funded research centers (FFRDCs), contractors working on behalf of the government, or lab entities. Concur Cloud for Public Sector provides a comprehensive environment the complex processes of government travel and expense. Users are able access the Federal Travel Regulation (FTR) and the Joint Travel Regulation (JTR) compliant Concur Cloud applications via standard web browsers or on smartphone with our SAP Concur mobile app. Concur Cloud for Public Sector brings commercial functionality and scalability to government agencies while still meeting government-mandated security and regulatory needs. Concur Travel and Expense: Includes a web application portal to communicate with system users and provide access to all services. The web application gives users the ability to facilitate travel booking services, change travel reservations, and authorize travel. From expense reports to pre trip approvals and expense reimbursements, the web application provides accurate accounting to government systems in compliance with the Federal Travel Regulation (FTR) and the Joint Travel Regulation (JTR). Users access applications within Concur Cloud for Public Sector by using standard web browsers via a URL or by using SAP Concur mobile applications for supported smart phone and tablet computer platforms. All data collected by SAP Concur applications is made available to customers via reporting enabled by the Cognos reporting tool that provides reports and the ability to create and/or manage new reports. ConcurGov: SAP Concur's travel and expense solution provided to US Federal Civilian customers under the ETS2 contract. ConcurGov includes a few additional services from CTE, such as GovPay, within Concur Cloud for Public Sector. Global Distribution Systems (GDSs): Travel content aggregators that sell content on behalf of airlines, hotels, rail, and rental car companies. Many organizations that provide travel services sell their content only through one or more GDS. Direct Connect Providers: Travel providers (airlines, hotels, rail, and rental car companies) that do not use GDSs but instead sell their travel content directly. Travel Management Companies (TMCs): Travel management companies that book travel on behalf of agency users, provide reservation fulfillment, reporting, and mid- and back-office systems as part of the entire end-to-end travel reservation process. E-Receipt Providers: Travel providers (airlines, hotels, rail, and rental car companies) that electronically transmit electronic receipts to SAP Concur for inclusion in travel voucher requests. Other Services: The following SAP Concur CTE products and services are available in CCPS: Advanced Care Budget Central Reconciliation Client Web Services Company Bill Statements Consultative Intelligence Custom Connector - Expense Detect by Oversight Concur Travel (Direct and Indirect) Essential Care Concur Expense ExpenseIt Extract Services Intelligence Production Sandbox Environment Concur Request SAP Integration Select Care Concur Travel & Expense TripLink User Support Desk for Public Sector

Confluent Cloud for Government (CCG)

Enterprise Cloud Fax Government (ECFax)

FedRAMP Authorized

Valiantys Federal (Formerly Contegix)

FedRAMP Authorized

Storm Cloud Contact Center

FedRAMP Authorized

FedRAMP Authorized

Copado GovCloud

FedRAMP Authorized

Project Portfolio Management (PPM)

Coralogix U.S. GovOps

FedRAMP Authorized

FedRAMP Authorized

Unified Talent Management Suite (CUTMS)

FedRAMP Authorized

Cornerstone Unified Talent Management Suite (CUTMS) – GovCloud

FedRAMP In Process

FedRAMP Authorized

Coupa Spend Management for Federal

FedRAMP Authorized

Exiger Federal Cloud (EFC)

FedRAMP Authorized

Federal Immersive Learning Management System (FED-ILMS)

FedRAMP In Process

The Federal Immersive Learning Management System (FED ILMS) is an Immersive Learning Management System (ILMS) which allows for training to occur in multiple modalities. Includes: - Live Meeting (Webinar Capabilities) - eLearning (SCORM, xAPI, CMI5, etc.) - On-Demand Video content - Documents - Immersive Learning (3D based serious gaming, in multi-player or single player mode) User interactions are tracked for the purposes of determining when the user has met requirements of various courses. In addition, the application has the following features: Accreditation System: Application has a complete accreditation system, which allows for the tracking of certificate requirements for any content in the system and puts the user through a number of requirements in order to achieve certification. This includes pre/post tests, evaluations, confirmation of acceptance, etc. Event Registration System: System has a complete registration system to manage Live Webinar registration as well as course registration. Exhibit Hall Capabilities: Create the ability to create templated “Spaces” or content areas that can be edited by “space editors” which includes a complete capability for the delegation of editing content in the space to the right department or person that manages that space. Spaces create an area where the “exhibitor” can share documents, live chat, provide contact information, display videos, and have “Ad-Hoc” live meetings. Open AI: Application will, through the use of Cognitive Search, index the content in the application tagging it to a particular space, exhibit space, webinar, eLearning course, etc. This indexed content is then integrated with Open AI using the RAG pattern to feed the LLM to have a conversation within the content, which is context based (within a space, related to a course, etc.) Game API: External immersive learning experiences (serious Games) use the Game API to manage the user’s session, which includes the ability to set and get user progress, mark objectives as met, etc. In addition, the Game API allows for the management of VoIP in the case of multi-player games, and also for the real-time communications using Sockets over https for presence management and other real-time multi-player communication needs. Search Capabilities: Application has a comprehensive search feature which allows users to search the system across all content types and one click open the content from the search results, whether this content is a Webinar, an Exhibit Space, a Serious Game, or a Document. Rating and Favorites: System has the ability for the user to rate (providing this is enabled), and mark any content or space in the system as favorite, and this shows up in the user’s favorites as well “My Office” My Office: This is the space within the application where the user sees all of the training they have done, can print certificates, finish any certificate requirements they have not completed on any of the course or content they have consumed, access their favorites, edit their profiles, etc. Social Features: Application has real-time group chat and real-time one-on-one chat available throughout the application for real-time chat scenarios. This is useful within the context of spaces, live webinars, etc. The application also has a simple moderated Forums capability to allow the user to participate in forums which can be scoped to a space, content, or general in nature. CMS: The application has an administrative interface, called the “CMS” which allows the client administrator to manage all aspects of the platform. Access can be granularly assigned to only the features required, through which elevated access can be made available to manage system settings which are sensitive in nature.

CrowdStrike Falcon Platform for Government

FedRAMP Authorized

Composite Apps/ CuraPatient

CyberArk Identity for Government

FedRAMP Authorized

CyberArk Identity is a cloud-based identity and access management solution that unifies many of the essential identity and access management services such as single sign-on (SSO), multi-factor authentication (MFA), and automation of user lifecycle management (LCM) (on-boarding and off-boarding). Using CyberArk Identity, Government Organizations can secure access to all the critical resources (applications, devices, IaaS, PaaS, VPNs etc.) across on-prem, in the cloud or hybrid. CyberArk Identity Standard and Adaptive SSO and Application Gateway - The CyberArk Identity App Catalog comes with thousands of application connections by default, but administrators can use a template to add any application to the catalog that is not already there and set up the authentication method through a variety of mechanisms, such as SAML, OpenID Connect (OIDC), OAuth2, WS-FED, or even username/password. CyberArk Identity App Gateway enables VPN-less access to legacy on-prem applications. It allows companies to set up a per-application, per-user access to individual legacy applications. CyberArk Identity Standard and Adaptive MFA - CyberArk Identity Standard Multi-factor Authentication (MFA) includes methods such as Security Keys, FIDO 2 Passwordless authenticators, Smart Cards, SMS/Email OTPs and Magic Links. These MFA methods are supported for all targets such as Windows Workstations, Servers and Macs, virtual desktops, VPNs, Web Apps, RADIUS Servers, 3rd party IDPs. CyberArk Identity Adaptive MFA allows customers to configure the solutions to consider various static and dynamic contexts such as device, location, network, day, time etc when evaluating access requests and applying authentication policies based on that. CyberArk Identity Standard and Advanced Lifecycle Management Standard Lifecycle Management (LCM) includes pre-integrated application provisioning and deprovisioning, AD sync and licensing for O365, self-service app request and automated approval workflow, app entitlement management, reporting and SIEM integration. Advanced Lifecycle Management includes inbound provisioning from HCM apps such as Workday, SuccessFactors, Bamboo HR, and Ultipro, as well as custom provisioning based on SCIM. CyberArk Identity Cloud Directory and Connector for On-Prem Directory Integrations Customers can also utilize the Identity Cloud Directory or install the Identity Connector inside their firewall to enable communication between their internal repositories (AD or LDAP) and the Identity services. The following customer side components are authorized as part of the CyberArk Identity for Government offering: CyberArk Identity Connector, CyberArk Windows Cloud Agent, CyberArk Mac Cloud Agent, CyberArk Identity Browser Extension, CyberArk Identity Mobile application for iOS.

CyberArk Endpoint Privilege Manager (EPM) for Government

FedRAMP Authorized

CyCloud - VMware Cloud Foundation ( VCF )

Cyware Cyber Fusion Center (CFC)

Cyware Labs, Inc. (Cyware) Cyber Fusion Center (CFC) is an offering of full-stack Cyber security solutions for strategic, tactical, and operational intelligence sharing and threat response automation as well as orchestration services. Cyware Labs, Inc, Cyber Fusion Center (CFC) - Modules are - 1. CFC Threat Intel Exchange (CTIX) includes Threat Intelligence Platform (TIP) 2. CFC Collaborate (CSAP) 3. CFC Respond (CFTR) 4. CFC Orchestrate (CO) CFC Collaborate (CSAP): A mobile-enabled automated alert aggregation, dissemination, and strategic threat intelligence sharing platform for real-time situational awareness and enhanced collaboration between an organization’s security teams. Features include machine-to-machine orchestration, machine-to-human, orchestration, human-to-machine orchestration, role, location, and business alignment-based alerting, Cyware alerts, mobile-enabled intel sharing, macro intel ingestion, and crisis notifications. CFC Threat Intel Exchange (CTIX): A smart, client-server threat intelligence platform (TIP) for ingestion, enrichment, analysis, and bi-directional sharing of threat data within an organization’s trusted network. Features include any-to-any threat feed orchestration, micro threat intel ingestion, a hub & spoke sharing model, enrichment, correlation, and analysis of data, internal intel ingestion, automated intel actioning, and a multi-level intel view. CFC Respond (CFTR): A threat response automation platform that combines cyber fusion, advanced orchestration, and automation to stay ahead of increasingly sophisticated cyber threats affecting organizations in real-time. Features include malware management, a connect-the-dots threat analysis, incident response & management, triage management, threat actor tracking engine, vulnerability management, custom dashboards and reports, and a case management workflow. CFC Orchestrate (CO): A universal, security orchestration gateway for executing on-demand or event-triggered tasks across deployment environments. Features include flexible API, system playbooks, powerful customization, audit playbook extensions, the ability to export and import logic, nested playbooks, and granular access control.

Cyber AI Mission Defense and Email Protection

FedRAMP Authorized

FedRAMP Compliant CloudPlus

FedRAMP Authorized

Databricks on AWS US East/West

FedRAMP Authorized

Databricks on AWS GovCloud

FedRAMP Authorized

Datadog for Government - High

FedRAMP In Process

Datadog for Government

FedRAMP Authorized

FedRAMP Authorized

Decision Lens Software

FedRAMP Authorized

Dejero Control and Concentrator

FedRAMP In Process

Evidence Management System (EMS)

FedRAMP Authorized

Deloitte GPS OpenCloud

Deloitte’s Government and Public Services (GPS) OpenCloud Cloud Managed Platform is an enterprise managed, multi-cloud Platform-as-a-Service (PaaS) that offers government enterprises and customers supporting U.S. government organizations with complex compliance requirements the ability to host their applications on their cloud platform of choice and leverage a range of pre-assessed security controls and operational benefits (e.g., automation, redundancy, auto-remediation) from the platform. The platform provides FedRAMP Moderate Impact Level security services for customers to consume, such as boundary and network protection, operating system and device hardening, vulnerability management, trusted patch repositories, malware detection, auto-remediation for policy enforcement, and 24x7 security information and event management (SIEM). The platform also offers a customer self-service portal in ServiceNow allowing customers to interact with platform engineers, architects and operators and submit general service requests. Additionally, operating system changes are monitored to confirm compliance with pertinent security policies. The platform provides the following additional benefits to our clients: • Accelerates time to complete Agency and FedRAMP ATOs for client workloads by leveraging a FedRAMP compliant security platform • Provides a mature security solution to meet federal security monitoring standards and guidelines (i.e., EO 14028, OMB M-14-03, OMB M-21-31, NIST SP 800-137) • Leverages FedRAMP JAB compliant cloud hosting platforms (i.e., AWS GovCloud, AWS US East/West, and Google Cloud Platform Assured Workloads) The platform includes the following key features: • Identity and access management to include account onboarding, offboarding and auditing • Network management to include secure remote access / VPN management, Network Access Control List / Network Security Group configuration and maintenance, Firewall Management with IDS / IPS and DDOS protection • Operating System support to include provisioning of hardened images, configuration management and provisioning of trusted patch repositories • Security Services to include OS vulnerability scanning, STIG / CIS benchmark scanning, endpoint security and logging / continuous monitoring • Certificate / secrets management for platform resources • Support for Common Access Card (CAC) / Personal Identity Verification (PIV) integration (upon customer request).

Replicon Cloud Platform (Enterprise Time Tracking Platform)

FedRAMP Authorized

Costpoint GovCon Cloud Moderate (CP GCCM)

FedRAMP Authorized

FedRAMP Authorized

DimensionalView®

Dexcom Clarity for Government

FedRAMP In Process

FedRAMP Authorized

Digital.ai Government Cloud

FedRAMP Authorized

Diligent One Platform (D1P)

FedRAMP Authorized

Diligent’s D1P GRC platform is the only enterprise-grade solution purpose-built to manage the full lifecycle of FedRAMP, DOD/DISA IL and CMMC compliance—from initial SSP development to ongoing POA&M updates, ConMon, and audit readiness. Designed with automation at its core and trusted by federal agencies, integrators, and 3PAOs, Diligent eliminates spreadsheet chaos and empowers teams to focus on actual security—not documentation. Purpose-Built for Complex Cybersecurity Compliance Diligent delivers deep automation and pre-configured workflows for: - FedRAMP (Low, Moderate & High) - DOD / DISA Impact Levels (2, 4, 5) - CMMC (Level 1, 2 and beyond) - NIST 800-53, NIST 800-171, SOC 2, and ISO 27001 and other major compliance frameworks - Support for custom frameworks and policy libraries Core Capabilities - Live SSP and ATO Package Management - Automatically generates and maintains OSCAL and human-readable SSPs. Track versioning, delta changes, and live control status from a single system. - Automated POA&M Generation and Updates - POA&Ms are created directly from scan data, control testing, or manual input. Linked to owners, evidence, due dates, and tracked in real time with alerting. - Continuous Monitoring, ConMon & Risk Insights - Real-time dashboards ingest data from 130+ tools including vulnerability scanners, cloud providers, HR systems, and ticketing platforms. Evidence collection is automatic and centralized for audit readiness. -Control Inheritance and Framework Mapping -Cross-map and inherit controls across frameworks. “Write once, apply many” saves time and ensures consistency for multi-standard organizations. -Multi-Tenant Partner and Reseller Enablement -Native support for MSSPs, C3PAOs, and resellers. Role-based access, tenant-level data separation, and white-labeled deployments available. -API and Integration Ecosystem -With over 130 out-of-box integrations and a robust open API, Diligent connects seamlessly to your stack—cloud, on-prem, or hybrid. Deployment & Security - Hosted on AWS GovCloud with three available options: FedRAMP moderate (primarily SLED), FedRAMP moderate and DOD IL5 (primarily for - Federal and some DOD), and FedRAMP moderate and DOD IL for DOD only (requires DoDIN access). - Built with security-first architecture, supporting unique customer keys, data segregation, and FIPS 140-2 validated encryption. What Sets Diligent Apart - FedRAMP, DOD and CMMC are core, not bolt-ons—we’ve built workflows around these frameworks from the ground up. - Automation beyond templates—real-time evidence ingest, compliance task enforcement, and live control dashboards. - Used by regulators, 3PAOs, integrators, and contractors—proven across the full compliance ecosystem. -Designed to scale—whether you’re managing 1 ATO or 50, Diligent supports your growth.

FedRAMP Authorized

AEON is a powerful business process automation and management Software as a Service (SaaS) developed by Distributed Solutions, Inc. (DSI) that solves complex business process needs across the Government. AEON has been successfully deployed for Program Office Management, Project Budgeting and Planning, Document Generation, Complete Acquisition Lifecycle Management, Contract Writing, Invoice and Deliverable Tracking, Grants and Audit Management, Vendor Engagement, and Collaboration Portals. AEON solutions provide no-code dynamic configurations, rapid implementation, and on-demand customer business process change. AEON's sophisticated modern software design enables seamless version upgrades guaranteed to maintain business process continuity and integration survivability while delivering new features. The AEON SaaS eliminates stovepipes across an enterprise by delivering common data standards, business processing rules, collaboration, and shared integrations; this design facilitates cost-effective scaling of multiple solutions on the same platform. AEON automates and modernizes business offices through the agile implementation of customer best practices, unique policies, Federal regulations (FAR/DFARS), stakeholder collaboration, digital signatures, workflows, evaluations, and other process management needs. Data can be accessed for real-time decision-making, business intelligence, interactive dashboards, and executive reporting. Available as an end-to-end solution, AEON is also capable of assisting customers seeking to improve their business process while maximizing existing investments in technology and human capital. AEON can leverage current customer environments to fill known gaps in legacy business tools and deliver significant process improvements. DSI's AEON software platform is built on the Microsoft stack for industry leading technology, performance, security, and maintenance. DSI partners with Project Hosts to deliver the AEON Solution in a FedRAMP compliant cloud hosted on Microsoft's world-class Azure Government infrastructure.

DLH Infinibyte Cloud

FedRAMP Authorized

Minsky No-code ML/NLP Knowledge Graphing Platform

FedRAMP In Process

DNAnexus Platform

FedRAMP Authorized

Docebo Learning Platform for Gov (DCBO-GOV)

FedRAMP Authorized

FedRAMP Authorized

DocuSign Federal (eSignature, Gen, Negotiate)

FedRAMP Authorized

FedRAMP Authorized

DX Engage Government Platform

Druva Data Resiliency Cloud

FedRAMP Authorized

DTEX InTERCEPT for Government

FedRAMP In Process

FedRAMP Authorized

Dynatrace Platform

FedRAMP Authorized

Trimble Unity Construct Government Edition

FedRAMP Authorized

Economic Systems Federal Human Resources Navigator

FedRAMP Authorized

FedRAMP Authorized

eGain Suite is delivered as a SaaS offering using a multi-tenant Government Only cloud computing environment. It is available to federal, state, local, and tribal governments, as well as research institutions, federal contractors, government contractors. The eGain Suite includes the following applications: • eGain Chat is a real-time chat assistance to website visitors. • eGain Cobrowse allows agents to provide real-time assistance to customers. Agent can share and co-navigate HTML and JavaScript content via web browser with a customer to provide support. • eGain CallTrack is a case management solution for the resolution of customer issues with call taking, logging, and tracking capability. • eGain Mail+Social handles large volumes of email, webform, and social inquiries with automated routing, workflows. Letter and fax interactions are also handled in this service, with PDF-based output. • eGain Secure Messaging is a secure email messaging system that authenticates the customer before allowing the viewing of confidential information. • eGain Knowledge+AI is a knowledge management software including AI that provides agents and other users answers from a common knowledge base • eGain SelfService+AI provides self-service experiences that enable customer self-service and enables context-aware escalations to live customer service agents if required by the customer. • eGain Virtual Assistant is a virtual agent providing a way for users to get answers and assistance on an organization’s website. A user chats with the virtual assistant (also called virtual agent or chatbot). The chatbot provides answers to any queries input within the chatbot. • eGain Notify, enables outbound notification messages to customers. • eGain Offers uses browsing behavior and other attributes, to proactively serve a targeted offer to website visitors. • eGain Contact Center Analytics is an analytics tool to measure, manage, interactions within contact centers with customers. • eGain Advisor Desktop is a desktop for contact center agents.

Eightfold Talent Intelligence Platform (TIP)

FedRAMP Authorized

FedRAMP Authorized

Elekta ProKnow Federal

FedRAMP In Process

Embrava Device Management System (DMS)

FedRAMP Authorized

Exchange Platform

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Connect and operationalize facilities, assets, and infrastructure securely. Archibus by Eptura connects the built environment to manage assets, facilities, and employees across portfolios while prioritizing security and protection of federal information. Archibus for Government has a robust FedRAMP offering that is centered on Archibus Web Central which organizes facilities and infrastructure management tasks in an intuitive web browser interface. Workplace Services module focuses on employee workspace booking, meeting room booking, and service requests. Archibus Space offers tasks for creating a space inventory -- a listing of the space that a company occupies, its occupiable and non-occupiable areas, how each department is using the occupiable areas, the common areas, and how personnel are assigned to rooms within the inventory. There’s also the capability to internally bill departments for their space usage and build from your current inventory to plan your future space needs. Sustainability & Risk module encompasses business applications that work proactively to forecast and minimize risks to the organization: its staff, its productivity, or its competitive viability. Real Property module helps create an electronic inventory of properties and leases, complete with detailed data on occupancy, leased-out and available area, taxes, regularly occurring required actions, compliance with regulations, costs, and more. Maintenance module helps manage reactive (on demand) maintenance and preventive maintenance by providing tools for scheduling employees and outside contractors, budgeting costs, routing work throughout the system, updating the system with details about completed jobs, and assessing performance and response. The Assets module includes applications that provide different levels of integration between asset management and the suite of Archibus by Eptura applications. Manage assets throughout the lifecycle; optimize the use and disposal of assets. Manage information targeted to the various stakeholders working with assets -- IT, finance, facilities, and department heads. Capital Projects module encompasses business applications that identify problems, identify funding, and plan capital to execute the strategic plan, which includes condition assessments, capital budgeting, individual capital project, and building commissioning.

EY Grants Accelerator

FedRAMP In Process

Esri Managed Cloud Services Advanced Plus

FedRAMP Authorized

ArcGIS Online (AGO)

FedRAMP Authorized

Critical Event Management Suite

FedRAMP Authorized

FedRAMP In Process

Everlaw Platform

FedRAMP Authorized

FedRAMP Authorized

Higher-Ed Platform (Alma, Primo, Leganto, Esploro)

FedRAMP Authorized

Exterro E-Discovery and Legal Software Platform

FedRAMP Authorized

The Exterro Platform is a single, natively built, fully integrated solution that unifies all of Exterro's E-Discovery and Information Governance products. Further, it includes our integration hub, which connects to the industry's broadest range of 3rd party tools, system applications, and data sources, orchestrating processes across applications and minimizing your cost of ownership. Products within The Exterro Platform: Employee Change Monitor Employee Change Monitor enables you to proactively take steps to mitigate risk associated with the change in any data field stored in your HR information system and shared with the Exterro Platform. For example, when an employee leaves your organization, a task can be issued to take a snapshot of her email box and backup her files, a system notification can be sent to alert Records Management of the change in employment status, and the employee can automatically be released from any active legal holds. File Analysis Exterro File Analysis provides the critical foundation for any Information Governance project by delivering the information you need to achieve your cost and risk reduction efforts. Intuitive and data-rich dashboards in Exterro's File Analysis software display key information about the content stored on your data sources such as network shares and SharePoint servers. Key document properties such as date created, last modified, access rights, metadata, and content type are displayed, providing the critical foundation for all your information governance cost and risk reduction activities. Proactively manage policies that support organizational goals by gaining insight into the content that matters most. Easily identify data that has business or legal value, such as sensitive data (e.g. personally identifiable or health information), files found outside retention guidelines or ESI on legal hold, to make informed business decisions. Data Mapping Build and maintain an up-to-date directory that mirrors your evolving data source inventory with Exterro Data Mapping. Identify important ESI repositories, eliminate irrelevant ones, and meet the most rigorous judicial and compliance standards. Legal Hold Say goodbye to manual, time consuming, and error-prone litigation hold processes with world-class legal hold software. With Exterro Legal Hold, you can: - Manage the entire legal hold process - from notifications, to interviews, to reminders, and more - in one place - Protect and secure data from accidental deletion with the In-Place Preservation module - Integrate with your HR system, and get notified of employee status changes, to mitigate the risk of spoliation and automate other operational processes with the Employee Change Monitor module - Quickly identify critical information from custodian data stored in Microsoft Office 365 prior to collection with the Office 365 Explorer module In-Place Early Case Assessment Perform early case assessment through a broad set of analytic and predictive intelligence capabilities that enable rapid identification of the most important documents in a dataset prior to collection. Uncover crucial documents and communications prior to 26(f) conferences to support your proportionality and strategic arguments. Collection and Processing Perform targeted collections and full e-discovery document review with a "one-click" ability to collect only the relevant files that are identified during ECA. Exterro supports the ability to connect to an ever growing list of 30+ on premises and cloud-based data sources, eliminating the need to send requests to multiple stakeholders to perform collections. Exterro is unique in the market by combining processing with collection and offering documents for review almost immediately after the collection process is started, thus saving you time and money while reducing risk associated with manual handoffs and promotions. In addition, our underlying technology has been built with the future in mind, able to easily and quickly process vast amounts of data without impacting performance for your users. ESI Vault The most architecturally advanced ESI storage available delivers significant cost savings, risk reduction, and powers productivity through cross-matter work product re-use and analytics. Maximize work product re-use via a real-time, fully integrated ESI vault that enables one-click repurposing of data across matters. Gain insight and optimize operations through cross matter analytics. Review Exterro's end-to-end, fully integrated platform ensures the shortest possible time to review from matter inception. Documents can be concurrently collected and processed from multiple data sources and seamlessly moved into review as data becomes available, without delays, handoffs, and complex promotion/staging procedures common in other platforms. Production Choose between Native, PDF, and TIFF production outputs depending on the requirements of your matter. Exterro supports industry-standard loadfiles, including Concordance®, Summation®, EDRM XML, and even custom loadfile. Exterro Production automates the entire production process, including imaging, branding, redaction application and loadfile creation into a single step, eliminating technical intervention and time-consuming handoffs. Legal Project Management Exterro Project Management is the only purpose-built project management system designed specifically to orchestrate the workflows and activities associated with e-discovery and other legal processes. Easily modified user-defined workflows coordinate all relevant tasks and activities, including preservation, collection, processing, review, and production.

ExtraHop RevealX Federal

FedRAMP In Process

FedRAMP In Process

FedRAMP Authorized

RMA iQ™ is delivered as SaaS offering using a multi-tenant Government Only cloud computing environment. It is available to the DoD, federal, state, local and tribal government communities as well as their respective contractors. Feith RMA iQ is a SaaS platform designed to support federal agencies in managing records efficiently. It helps Records Managers address challenges such as large volumes of records, complex retention schedules, and compliance with federal records regulations. Key Features -Automated Classification and Retention: Employs artificial intelligence to classify records and apply GRS and RCS retention schedules, reducing manual effort and improving accuracy. -Efficient Record Retrieval: Offers advanced search tools to help users locate records quickly, supporting timely responses to internal and external inquiries. -Seamless Integration: Integrates with various agency information systems, including M365, allowing staff to work within familiar platforms and minimizing training requirements. -Security and Compliance: Enforces role-based controls to safeguard CUI and PII, ensuring adherence to federal security standards. Optional Add-Ons -FOIA Workbench: Facilitates compliance with Freedom of Information Act requirements through tools for review, tracking requests, and redacting sensitive information. -Declassification Module: Streamlines declassification workflows, identifies sensitive content, and provides audit trails to maintain compliance. -Case Management: Centralizes case records, supports customizable workflows, and enables secure collaboration. -Document and Workflow Management: Enhances document handling with version control, metadata tagging, content sharing, workflow automation, and analytics. -RMA iQ supports federal agencies in securely and effectively managing records. By automating processes, integrating with existing systems, and offering optional tools for specialized Federal missions, the platform helps improve productivity, ensures compliance with regulations, and strengthens knowledge management across agencies. The system is a browser-based application with an optional client-side component (Feith Sync) that can be installed locally within the agency network to synchronize local file shares.

Figma for Government

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

FMS:Employee for Government provides an innovative scheduling solution that delivers new levels of efficiency and productivity for your mobile, virtual, and traditional employees. From conference rooms and video conferencing facilities to shared workspaces and managed services, from small entities to large entities, the way work gets done has changed. FMS:Employee is a cloud-based, scalable platform that solves the most challenging workplace management issues offering cutting edge technology, integrated floorplans, integrated room panel hardware, availability sensors and expertise in implementation and change management. FMS:Employee empowers your workforce to connect and engage in today’s dynamic digital workplace with intuitive scheduling solutions that help organizations support the work-from-anywhere model and enable inspiring workplace experiences. Room, Resource, and Service Management - FMS:Employee is an online, cloud-based scheduling system for desk, room, and resource reservations. - Quickly find and reserve rooms, equipment, and services. - Comprehensive scheduling includes options for recurring, multi-day and multi-resource reservations. - Create reservations and sending meeting invites from the web, Outlook, or your mobile device. - Streamline internal operations with a dynamic service management system that includes inventory control and reporting. Integrated Solutions for Workplace Productivity - FMS:Employee can help you achieve your efficiency and productivity goals by reducing manual processes, improving collaboration, and increasing the productivity of your mobile workforce. - Seamlessly integrate room and resource scheduling with Microsoft Outlook. - Keep teams connected with integrations for WebEx, Crestron Fusion, and Cisco TMS video conferencing and more. - Streamline operations with an integrated visitor management solution that enforces security protocols. - Create a modern, tech-savvy workplace with digital signage, digital room panels, and interactive kiosks. Desk Sharing for Employee Engagement - With FMS:Employee desk management solutions, users can find and reserve shared workspace quickly and easily from the web, a kiosk, Outlook, or their mobile device. Find space by location, workspace type, or proximity to co-workers, visually on an interactive floorplan. - Drive program adoption with an intuitive user interface and mobile scheduling from multiple devices. - Support mobile and virtual workers with integrated tools for easy collaboration. - Leverage available sensor technology to track space utilization and measure program performance. - Visualize trends, analyze usage behavior, and make data-driven decisions about your real estate investment and workplace design.

ONE – Security Service Edge (SSE) – CASB/DLP/SWG/ZTNA/RBI

FedRAMP Authorized

FormAssembly Gov Cloud

FedRAMP In Process

General Support System (GSS)

FedRAMP Authorized

FedRAMP Authorized

Genesys Cloud CX

FedRAMP Authorized

Genesys Cloud™ is an AI-powered experience orchestration platform with a full suite of omnichannel contact center capabilities, built-in workforce engagement management (WEM) and artificial intelligence (AI). It is available to the public, federal, state, local, and tribal governments, as well as research institutions, federal contractors and government contractors. Features and capabilities include: All-in-One open platform - Genesys Cloud is a multi-tenant SaaS offering with a comprehensive set of native Contact Center-as-a-Service (CCaaS) product capabilities built on a single platform — running on Amazon Web Services (AWS). Native AI - Genesys Cloud has built-in conversational and predictive AI capabilities. It utilizes technologies such as predictive analytics, machine learning, and natural language understanding to automate, route and personalize interactions. Omnichannel routing - Genesys Cloud supports calls, email, web, text and social messages. A single routing engine leverages a variety of routing algorithms, evaluation and scoring methods to determine the next best action while maintaining context, intent, and desired outcome. Speech-enabled IVR & self-service – Genesys Cloud offers multilingual speech-enabled IVR with natural language understanding (NLU) technology. Automated bot assistants provide continuous support for routine queries. Workforce Engagement Management - A native suite of AI-powered WEM capabilities supports employee onboarding and includes workforce schedule management (WFM), coaching, speech & text analytics, quality management, performance management and gamification. Outbound campaigns – Genesys Cloud supports outbound dialing and digital campaigns for sending proactive notifications or contacting contact lists of people in accordance with programmable rules. Analytics and reporting – Genesys Cloud provides real-time dashboards and analytics for contact center management, with customizable reporting and drill-down capabilities for performance analysis. Integrations - The platform includes a rich set of open APIs, integration methods and an ecosystem of 600+ pre-built solutions and applications available via the AppFoundry® Marketplace.

Geotab Telematics Platform Government (GTP Gov)

FedRAMP Authorized

GetWellNetwork - Get Well Anywhere - Federal

FedRAMP Authorized

GitHub Enterprise Cloud

FedRAMP Authorized

GitLab Dedicated for Government

FedRAMP Authorized

Glassbeam Clinsights

FedRAMP Authorized

GTS VirtualHealth Platform (GTS-VP)

FedRAMP Authorized

Google Workspace

FedRAMP Authorized

Google Services (Google Cloud Platform Products and underlying Infrastructure)

FedRAMP Authorized

Google Cloud VMware Engine (GCVE)

Gordian Federal Cloud powered by RSMeans Data

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

GovDelivery Communications Cloud

FedRAMP Authorized

FedRAMP In Process

HackerOne Continuous Security Testing Platform

FedRAMP Authorized

Healthcare Safeware

FedRAMP In Process

Healthcare Safeware® (Safeware®) is an enterprise software solution for healthcare quality and safety improvement. It allows for strategic targeting of quality and safety metrics requiring attention by supporting the workflow for case-based learning. Safeware® captures population-level process and system failures in care delivery by identifying, defining, quantifying, and analyzing events and opportunities for improvement. Safeware® can support multiple different case review workflows within the same healthcare site. Examples include reviews for suicide, inpatient and 30-day mortality, readmissions, falls, various patient safety indicators, etc. Safeware® can also document key portions of the ACGME criteria for Practice-Based Learning and Improvement (PBLI). Safeware® is configurable at the site level with the lowest levels of detail to include the location of care delivery (hospital floor, clinic, or external location), provider specialty, and patient. Safeware® was intentionally designed to support improvements in patient safety culture by not including specific names of frontline care team members involved unless a peer-review case is entered. Case reviews can be entered with or without PHI. Cases may be manually entered, or a CSV file containing unlimited cases can be uploaded. There is no direct connection to the electronic health record to minimize PHI data leakage. To ensure reliable data collection across healthcare systems (government and private sector), Safeware® contains a standardized taxonomy of events. It provides an additional assessment of those events by incorporating the ability to tag them with a translation of the DoD Human Factors Analysis and Classification System (HFACS) to clinical language. Safeware® users can add customized forms for data capture by patient population, outcome, or research project. These forms can be embedded within the case review at any stage within the workflow or sent as a survey form to an external team member to complete, with results auto-populating the respective case review. Safeware® provides analytics for improvement and learning, including visualizations of the results using Pareto diagrams, a statistical process control chart, heatmaps, and other traditional healthcare quality charts. All data entered can be used for visualization or downloaded to be used in other analytic tools.

Privacy Preserving Records Linkage (PPRL)

FedRAMP Authorized

Recruitment Assessments and Video Interviewing

FedRAMP Authorized

Hootsuite Enterprise

FedRAMP Authorized

HP Managed Services for Government

FedRAMP In Process

Huddle Enterprise Cloud Content Collaboration and File Sharing Portal for Government

FedRAMP Authorized

Federal High Impact Virtualized Environment (FedHIVE)

FedRAMP Authorized

Hypori Government Cloud

FedRAMP Authorized

Hypori’s approach to mobile security is analogous to Virtual Desktop Infrastructure (VDI), a term coined by VMware and pioneered by Citrix describing a virtualization technology that hosts a desktop operating system on a centralized server in a data center that is accessed by thin clients on the user’s end point. Hypori Halo creates a Zero Trust architecture to provide secure access to Controlled Unclassified Information (CUI) and customer data and resources. In the Hypori Halo environment, the user’s device effectively becomes a “window” into a virtualized mobile workspace that is Version 1.1 20 Proprietary and Confidential operating in the Amazon GovCloud and delivered via a Software as a Service (SaaS) model. Hypori Halo uses a thin client application to create a virtual image of the user’s unique virtual mobile workspace. The client captures touch and sensor data from the end user physical device and routes it back to the Virtual Workspace through a secure and encrypted TLS tunnel. The Hypori Client has been tested by multiple Red Teams to ensure it meets the most rigorous security posture. It is Common Criteria Certified by the National Information Assurance Partnership (NIAP) for Android, iOS, and Windows platforms. NIAP ensures that all certified products “demonstrate exact compliance to the applicable technology protection profile.” This certification verifies that the “Hypori Client is a thin client that communicates only with a Hypori Virtual Workspace on a Hypori Server and not with other servers or applications.” It validates the cryptographic elements of communication with the Hypori environment, that no data is at rest on the user device and no PII is transmitted or stored on the physical end user device. Additionally, the Hypori Client does not trust the mobile device host. It uses application shielding and cryptographic key protection capabilities to defend against compromised hosts. It also has limited runtime OS attestation checks before it will launch. If it detects tampering of the client components, it will not connect to the environment. The data on the client is limited to the trust key chain. The mutual Transport Layer Security (TLS) tunnel certificate is stored with the operating system (OS) protected key store on the device, but no other data is on the end user mobile device. The backend environment consists of a series of subnets which form a cluster. Each cluster is designed to support numerous virtual workspace instances. To the user, the experience is virtually identical to when the application and data was on the user’s mobile device. Private keys within the Virtual Workspace are protected using the Android keystore in combination with the Cloud Service Provider key protection system. The Private keys are encrypted in accordance with Hypori’s National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 140-2.

IBM Federal ATOM

FedRAMP In Process

IBM Federal HR Cloud

FedRAMP Authorized

IBM Maximo and TRIRIGA on Cloud for U.S. Federal

FedRAMP Authorized

SmartCloud for Government

FedRAMP Authorized

IBM Platform Services for Government

FedRAMP Authorized

IBM Cloud for Government

FedRAMP Authorized

FedRAMP Authorized

iboss Government Cloud Platform (IGCP)

FedRAMP Authorized

Icertis Contract Intelligence (ICI) for Government

ID.me Identity Gateway

FedRAMP Authorized

Ideagen Government Cloud

FedRAMP Authorized

FedRAMP Authorized

Illumio Government Cloud

FedRAMP Authorized

Illumio Government Cloud delivers Zero Trust Segmentation, including microsegmentation, across multi-cloud and data center workloads and endpoints for government agencies and departments. This offering includes Illumio Core and Illumio Endpoint. Illumio Core provides Zero Trust Segmentation for cloud and data center workloads. Illumio Core stops ransomware and cyberattacks from spreading by delivering intelligent visibility, radically simple label-based policy creation, and automated segmentation and enforcement. Key features: - Gain real-time visibility into traffic flows, application dependencies, and connectivity across all agent and agentless workloads, including containers, IoT, and virtual machines. - Simplify policy generation and automate enforcement to support Zero Trust initiatives with segmentation in minutes. - Stop the spread of ransomware and contain cyberattacks by preventing lateral movement — regardless of architecture, size, or complexity. Illumio Endpoint extends Zero Trust Segmentation to endpoint devices. Illumio Endpoint is flexible enough to handle dynamic work-from-home settings without impacting endpoint performance. It also prevents unnecessary communication from end-user devices to other endpoints or the data center to further reduce your attack surface. Key features: - Apply dynamic segmentation policies based on context, automatically changing if the device moves from the corporate environment to being on the go or at home. - Prevent the spread of ransomware between endpoints by blocking all but necessary communication among laptops, VDIs and workstations. - Gain complete visibility and control of both endpoints and server workloads in one single map. Illumio Government Cloud is an easy, fast, and proven Zero Trust Segmentation solution that uses a lightweight agent known as the Virtual Enforcement Node (VEN). The VEN is a local component of Illumio Government Cloud and is installed on each workload within a customer’s environment. It provides workload information and enforces policy rules by managing Linux iptables or Windows Filtering Platform (WFP) policies. The VEN is included in the Illumio Government Cloud FedRAMP package.

BloxOne Threat Defense Federal Cloud

FedRAMP Authorized

Infor Government Solutions (IGS) Software as a Service

FedRAMP Authorized

Infor Government Solutions (IGS) is composed of integrated cloud application suites that align to specific industries such as Public Sector, Aerospace & Defense, Industrial, Automotive, and Healthcare.These cloud suites are web-architected solutions powered by the Infor Operating Service Platform (Infor OS), a modern technology foundation for driving digital transformation. IGS supports workloads for essential business capabilities such as Financial & Supply Management, Manufacturing ERP, and Human Capital Management as well as fully integrated operational capabilities such as Asset & Maintenance Management, Business Intelligence & Analytics. IGS is hosted in an isolated government-only region of AWS GovCloud (US). AWS GovCloud adheres to U.S. International Traffic in Arms Regulations (ITAR), Federal Risk and Authorization Management Program (FedRAMP), Criminal Justice Information Services (CJIS) requirements, and Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) Impact Levels 2, 4, and 5. IGS offerings are categorized using NIST SP 800-53 and the FedRAMP baseline to withstand a Moderate impact level. In addition to IGS' FedRAMP Joint Authorization Board (JAB) authorization, IGS is also compliant for Health Insurance Portability and Accountability Act of 1996 (HIPAA) and NIST SP 800-171, rev 1, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Infor Platform: Infor Operating Service Platform (InforOS) delivers high performance, support for open standards, interoperability, enhanced productivity, responsive design, and mobile access via a wide range of devices. The components of Infor OS work together to unify the user experience (UX) for the following enterprise capabilities, using human-centered design to support the mission. Infor Federated Security (IFS) provides single sign-on (SSO) to provisioned IGS applications and authorizes users for role-based access by synchronizing with customer solutions for multi-factor authentication (MFA). Enterprise Portal is a comprehensive platform for social collaboration, business process improvement and contextual analytics; it provides web portal access and presentation to all IGS applications available to the customer. Homepages provides customers the ability to build custom, dynamic pages or select from Infor-provided widgets. Homepages offers a flexible and highly configurable way to present IGS application information and analytics data to users. Intelligent Open Network (ION)is a configurable integration platform-as-a-service (iPaaS) that provides customers with event-based business process automation and the flexibility to orchestrate end-to-end processes across a complex web of enterprise applications. ION API Gateway provides a secure, scalable API gateway for all API calls and programmatic access to IGS applications with API Discovery Services, Policy Management, and Throttling features. Document Managementenables customers to capture, create, manage and access organization-specific business documents and use contextual intelligence to display documents with relation to their business purpose. Data Lake delivers schema-on-read intelligence, a fast, flexible data consumption framework, and metadata management to provide customers with needed data for making key decisions. Financials & Supply Management:Improve operations throughout your organization with the security, scalability, and flexibility of Infor's financial management solutions. Configurable to suit the unique needs of your industry, Infor's innovative solutions expands data usability, helps meet complex reporting requirements, and eliminates duplicate records and spreadsheets to improve financial performance. CS Financials & Supply Management is an integrated finance and supply management software suite that couples modern General Ledger operations with tools to effectively manage the full source-to-settle process. Establish a single close process across your entire organization and gain real-time visibility into receivables and billing, payables and matching, cash management, lease accounting, asset accounting, and project ledgers. Expense Management comprises a suite of four integrated applications (Expense Reports, Travel Plans, Payment Requests, and Timesheets) that can be used either individually or in any combination to automate expense-related business processes, enforce policy compliance, cut administrative costs, and reduce the risk of accidental errors and intentional fraud. Manufacturing ERP: Infor s manufacturing offerings provide ready-to-run solutions, built specifically to meet the needs of Government, Industrial, Aerospace & Defense, and Automotive companies and organizations. They provide deep, proven capabilities in key areas such as global finance, materials and inventory management, manufacturing production, product lifecycle management, project management, regulatory compliance, and field service management. CS Aerospace & Defense: Infor LN embodies over 25 years of experience and best practices in industrial manufacturing, equipment, automotive, high tech, aerospace and defense, distribution, and service management. Features includes industry-specific purchase and quality management, contract management and flowdown, multisite support, and built-in processes for ETO, MTO, MTS, and repetitive manufacturing. CS Industrial with Mobility: Infor SyteLine provides an end-to-end ERP solution for both discrete and process manufacturers, which includes advanced planning and scheduling, complex product configuration, mixed mode processes, and lean production methods. Factory Track™ is a manufacturing automation solution that supports field service and quality capabilities within Infor manufacturing ERPs and enhances warehousing functions for a paperless shop floor and greater operational efficiency. Warehouse mobility provides real-time barcoding and data collection for inventory operations and traceability. Time tracking provides a comprehensive time and attendance management for labor recording and machine time recording. Infor Supplier Exchange™ is used by automotive manufacturers to publish demand (requirements) and Advance Ship Notices (ASNs) to the Web. The platform provides online collaboration between customers and different types of companies in the manufacturing industry, including logistics service providers, outside processors, purchase parts suppliers, and discrete purchase order suppliers. Features include Global Track and Trace, supplier performance, damaged material notices as supports multiple currencies and multiple languages. Human Capital Management (HCM): Infor HCM provides a powerful set of cloud-based human capital management solutions to replace complex processes, workflows, and systems. Sophisticated, yet intuitive technology, empowers your HR professionals to deliver streamlined workforce processes. Global HR empowers HR departments to unify both data and processes and has the industry's broadest feature set of configurable, simplified, flexible and personalized core HR capabilities. GHR helps manage the person system of record, absence management, time entry, and benefits administration workflows. Cloud-based, mobile-enabled HR software frees your global teams from time-consuming transactional tasks enabling timely, accurate, and insightful data to all of your relevant HR and business applications. Talent Management is an integrated set of applications and performance management software organically built to support your strategic people initiatives by unlocking the potential of your organization's talent. Identify, hire, develop, reward, and retain the best of the best, all using a single, unified user experience. Work Force Management is a comprehensive labor optimization, planning, and time and attendance solution managing employee resource demand, labor performance, and business analytics. WFM addresses all aspects of labor compliance and performance needs with time and attendance, demand-driven scheduling, workforce scheduling, and absence management tools, mitigating potential compliance errors and reducing costs. Payroll is a scalable solution integrating personnel information seamlessly with compensation, benefits, absence, time-entry management, and employee self-services. Infor Payroll reduces administration workload and duplication of effort with a powerful control monitoring system. Update your payroll practices with a reliable and highly secure solution that meets the needs of complex pay job costing components. Asset & Maintenance Management: Hexagon's Enterprise Asset Management (EAM) with Mobility enables everyone involved in asset maintenance and management - owners, inspectors, managers, engineers, field techs, investment strategists - to find out more about the criticality, condition, reliability, and performance of assets, large and small. Based on ISO 55000, asset performance management (APM), asset investment planning (AIP), and GIS capabilities allow organizations to track assets and make data-driven decisions about when to repair, refurbish, retire, or replace. Facilities Management is configured with 14 separate workflows with out-of-the-box functionality. Infor EAM is pre-loaded with American Society of Heating, Refrigerating, and Air-Conditioning Engineers (ASHRAE) standards for equipment classifications, along with standard structures for mechanical, electrical, plumbing, and architectural systems. A two-way integration with OpenCAD Building Information Management (BIM) allows virtual walkthroughs of 3D building models, transforming design, construction, and maintenance capabilities. Maintenance, Repair & Overhaul (MRO) is a configurable solution to manage activities across different types of assets, including Fleets, Equipment, Labs and Utilities. Infor EAM's best-in-class features automatically create and assign work orders for preventive and corrective maintenance, automate purchasing and inventory management, manage inspections, schedule resources, and can leverage IoT and analytics to predict asset failure and support condition-based and reliability-centered maintenance programs. Business Intelligence & Analytics: Infor Burst is a native cloud business intelligence (BI) and data analytics platform for enterprise reporting, dynamic dashboards, and self-service data discovery that helps organizations understand and optimize complex processes in less time than traditional BI solutions. Built with patented data warehouse automation and machine learning technologies, Burst's "networked BI" approach creates a curated semantic data layer that maintains data lineage and connects teams and applications across the enterprise via a trusted network for faster insights and smarter decisions. Democratize data access while still maintaining centralized compliance and governance with new auditing features and granular user access controls. Dynamic Enterprise Performance Management (d/EPM) delivers business and financial performance management applications for Infor ERP solutions that allow organizations to centralize data, build plans tailored to their business, and forecast more accurately. d/EPM is an in-memory analytics platform that provides instant consolidation of data and immediate user feedback. Governance Risk and Compliance (GRC)is a versatile and extensible governance, risk, and compliance software that customers can use to mitigate performance or security risks, minimize inefficiencies, and verify user permissions, while remaining compliant with laws, regulations, and industry standards.

Informatica Intelligent Cloud Services (IICS)

FedRAMP Authorized

Government agencies need a better, faster, more reliable approach to integrate and deliver timely data and analytics to users and business systems that rely on data. Whether you're delivering analytics, building a data warehouse, migrating a data warehouse to the cloud, or building real-time application processes, you need a high-performance, easy-to-use data integration service that connects to on-premises data sources, cloud applications, and cloud platforms to seamlessly integrate high volumes of data, so that you can get up and running quickly. IICS for FedRAMP IICS is a microservices-based, automated, AI-powered, and cloud-native data management solution. All of the IICS for FedRAMP IICS components and integrated Informatica solutions described below incorporate the CLAIRE artificial intelligence (AI) and machine learning engine, which leverages industry-leading metadata capabilities to accelerate and automate core data management and data governance functions. IICS for FedRAMP IICS includes support for both Cloud Data Integration and Cloud Application Integration: Cloud Data Integration Built on a next-generation, microservices-driven software as a service (SaaS), Informatica Cloud Data Integration enables you to connect to industry-leading applications and data sources across on-premises and the cloud and allows you to integrate the data sources at scale. Optimize the performance of your development teams by employing a codeless UI to build new integrations using drag-and-drop interfaces, making complex integrations simple. Speed up new initiatives with pre-built templates to get teams up and running more quickly, even for very involved scenarios. Cloud Application Integration Informatica Cloud Application Integration (CAI) service offers a single, trusted solution to support any integration pattern, data set, user-type or endpoint to automate business processes, expedite transactions and enable real-time analytics. It is based on a modular, microservices based architecture for agile support of future business requirements. CAI supports multiple new and unique integration patterns, which include on-premises to cloud real-time data integration, real-time/B2B application integration, process orchestration, data synchronization, and more. Users can integrate multi-cloud and hybrid applications, without writing a single line of code. Each of the above services leverage Informatica's Secure Agent that runs all your Cloud Data Integration and Cloud Application Integration workloads inside of the customer’s infrastructure, ensuring the greatest levels of security and performance.

Content Manager Records Management Application (RMA) Cloud Service Offering (CSO)

Innovative Driven Government Cloud (IDGC)

FedRAMP Authorized

Trust & Wealth Management Solutions

FedRAMP Authorized

Intelliworx Cloud Workflow Platform

FedRAMP Authorized

FedRAMP Authorized

Iron Mountain Insight on AWS

FedRAMP In Process

Iron Mountain InSight

FedRAMP Authorized

Issio Information System

GovDataHosting Cloud Platform

FedRAMP Authorized

Itamar Dispatcher Cloud (IDC)

FedRAMP Authorized

Ivanti Neurons for MDM (Formerly MobileIron)

FedRAMP Authorized

MobileIron Government Cloud provides Government agencies with the foundation of the first mobile-centric, zero trust security platform to securely access and protect data across the digital workplace. MobileIron's zero trust approach validates the device, to ensure that only authorized users, devices, apps, and services can access business resources. With MobileIron, Government agencies can secure and manage data on any device across multiple operating systems such as iOS, Android, Windows 10, macOS, Zebra and Oculus. MobileIron technology automatically provisions enterprise settings such as Wi-Fi and VPN, secures corporate email and email attachments, applications and content delivery for both GSE and BYOD programs. With MobileIron, IT departments can deliver the right resources to authorized personnel while protecting sensitive government data, preserving the privacy of end-user data, and maintaining the seamless native device experience. MobileIron Government Cloud has been purpose built to provide a cloud-based, scalable architecture that enables rapid deployment and scales up to millions of users. The MobileIron Unified Endpoint Management (UEM) platform incorporates identity, context, and privacy enforcement to set the appropriate level of access to data and services while allowing IT departments to securely manage their global mobile workforce from a single console. . When user choice and end user experience matters, MobileIron Cloud provides the simplest onboarding and superior on device experience which improves user productivity. MobileIron Government Cloud offering now includes MobileIron Threat Defense (MTD). MTD builds upon MobileIron's mobile-centric, zero trust security framework by providing a single app that continually detects and remediates against known and unknown (zero-day) device, network and app-level threats on Android and iOS devices, with or without cellular or Wi-Fi connectivity. Deployment and activation of MTD on mobile devices is accomplished silently on managed and unmanaged devices in order to drive towards 100 percent user adoption. In addition to protecting federal data from mobile attacks, MTD helps federal agencies to comply with regulatory requirements, reduce total cost of ownership, and drive business innovation with secure mobile devices, apps, and cloud services.

Ivanti Neurons for ITSM (Formerly Service Manager)

FedRAMP Authorized

Tracers with AMP®

FedRAMP Authorized

FedRAMP Authorized

Juniper Mist Government Cloud uses a combination of artificial intelligence, machine learning, and data science techniques to optimize user experiences and simplify operations across the wireless, wired, and SD-WAN branch and campus environments. Data is ingested from numerous sources, including Juniper Mist Access Points, Switches, Session Smart Routers (SSR), and Firewalls (SRX) for end-to-end insight into user experiences. These devices work in concert with Mist AI to optimize user experiences from client to cloud, including automated event correlation, root cause identification, Self-Driving Network™ operations, network assurance, proactive anomaly detection, and more. Juniper also leverages Mist AI for next-generation customer support. For example, it is the foundational element behind Marvis, the industry’s first AI-driven Virtual Network Assistant, providing extensive insight and guidance to IT staff via a natural language conversational interface. As a result, Mist AI saves operators time and money with faster problem resolution and fewer onsite visits. In addition, users benefit from a network infrastructure that is more predictable, reliable, and measurable. Marvis Virtual Network Assistant is the first virtual network assistant (VNA) purpose-built with Mist AI for enterprise WLANs, LANs, and WANs. It transforms network operations from reactive troubleshooting to proactive remediation through self-driving actions. Juniper Wi-Fi Assurance service is based on machine learning and driven by Mist AI. It replaces manual troubleshooting tasks with automated wireless operations to make Wi-Fi predictable, reliable, and measurable, providing unique visibility into user service levels. Juniper Mist Wired Assurance service brings Mist AI to switching. It sets a new network management standard with AI-driven operations and automation, improving the experiences of devices connected to resources through Juniper EX/QFX Series Ethernet Switches for branch and campus deployments. Juniper Mist WAN Assurance service simplifies operations and improves visibility into end-user experiences while shortening the time to repair wired and wireless devices. Premium Analytics offers network visibility and business intelligence to drive your digital transformation journey.

Juvare Federal Cloud

FedRAMP Authorized

Kahua Federal Network (KFN)

FedRAMP Authorized

FedRAMP In Process

Keeper Security Government Cloud Password Manager and Privileged Access Manager

FedRAMP Authorized

Keyfactor for Government

FedRAMP In Process

Kiteworks Secure Gov Cloud

The Kiteworks Private Data Network is a FedRAMP Ready service at the High Impact Level that provides data security, governance, and compliance capabilities. The service consists of the following core components and functions: System Components - Virtual private cloud (VPC) environment with dedicated servers for each customer - Encrypted file storage system - Data transfer protocols including SFTP, HTTPS, and SMTP - Authentication and authorization services - Audit logging and monitoring systems - Security scanning and threat detection services Core Functions - File transfer and sharing capabilities via web interface, email, SFTP, MFT, and APIs - Role- and attribute-based access control and user authentication - File encryption at rest and in transit using FIPS 140-3 validated cryptographic modules - Audit logging of all system and user activities - Integration with customer directory services (LDAP/Active Directory, etc., see below) - Multi-factor authentication support - DLP integration - Embedded antivirus Possessionless Editing (SafeEDIT) System Components and Functions - File streaming service for secure remote data access and collaboration - Data rendering system for file type conversion - Audit logging system for data interactions - Versioning system for file changes - Authorization validation service - File integrity verification system - Session management service - Access revocation controls - Activity monitoring system Security Features - Customer-managed encryption keys - Single-tenant deployment providing data isolation between customers - Continuous security monitoring and scanning - File-level role- and attributed-based access controls - Remote device management capabilities - Security event logging and reporting - Integration with customer SIEM systems Compliance Capabilities - Audit log generation and retention - Policy enforcement mechanisms - Compliance reporting tools - Data locality controls - Access tracking and monitoring - Chain of custody documentation Integration Interfaces - REST APIs for system integration and SCIM authentication support - SMTP interface for email services - SFTP/FTPS/CIFS/SMB interfaces for file transfer - LDAP/AD, SAML 2.0, Kerberos, PIV/CAC, time-based one-time password (TOTP) authenticators, SMS, and SFTP certificate connectors for authentication - SIEM integration for security monitoring - DLP and CDR system integrations - The system operates within a defined authorization boundary and undergoes continuous monitoring and regular security assessments in accordance with FedRAMP requirements. To learn more about what Kiteworks can do for government agencies, please visit: https://www.kiteworks.com/solutions/government/

Knightscope Autonomous Security Robot (Knightscope ASR)

FedRAMP Authorized

KnowBe4 Platform (KSAT + PhishER)

FedRAMP Authorized

LabArchives for Government (LG)

FedRAMP Authorized

SimCapture Cloud Government

FedRAMP In Process

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Accessibility Management Platform (AMP)

FedRAMP Authorized

Lexis+® for Government

FedRAMP In Process

Lookout Security Platform

FedRAMP Authorized

FedRAMP Authorized

Cloud Contact Center

FedRAMP Authorized

FedRAMP Authorized

InfraLink, formerly known as Infrastructure Maintenance Management System (IMMS), integrates the cyber-physical systems lifecycle from design through implementation and sustainment, enabling configuration management and providing a systematic approach to planning and continuous improvement across project activities. Rely on InfraLink to support all aspects of critical infrastructure management. Configuration Baselines - Effectively manage system security, planned maintenance, issue management, and systems availability/performance reporting by ensuring the integrity of your system baseline configurations. InfraLink supports customization to each system element. Preventive Maintenance - Ensure critical systems and equipment availability and avoid unplanned outages. Based on the concepts of reliability-centered maintenance, InfraLink provides a foundation for effective scheduling, tracking, and performance management activities. Model data, capture tools, and electronic forms document and validate information in near-real time. Issues Management & Analysis - InfraLink’s flexible and customizable ticketing system allows you to define work categories and workflows that align with program scope and priorities, set service level agreement (SLA) milestones, and capture customized status-specific issue attributes. Comprehensive case details help you better assess system and process performance, conduct effective root cause analysis and ensure individual accountability. Installation Management - InfraLink allows project teams to effectively track complex system implementation workflows, from simple component testing and installation to the integration of complex subsystems and hundreds of components. InfraLink enables effective planning and data integrity, which promote worker safety, accountability, and coordination across job functions. Materials Inventory - Avoid work delays caused by stock shortages and extensive inventory carrying costs through effective inventory management. InfraLink helps you plan replacements based on a reliable configuration baseline, performance history and operational priorities, while streamlining stringent Government and enterprise property reporting requirements. Reporting - Maintain a comprehensive assessment of your systems and team performance. InfraLink provides a range of standard and customizable reports and dashboards that offer critical insights to support ongoing improvements in systems performance and management.

Manhattan Government Cloud

FedRAMP Authorized

FedRAMP Authorized

Mark43 Public Safety Platform (PSP)

FedRAMP Authorized

RiskRecon Cybersecurity & Privacy - Reporting and Scorecards

Quality Excellence Gov (Qx Gov)

FedRAMP Authorized

Mathematica Cloud Support System

FedRAMP Authorized

Maximus Intelligent Virtual Assistant (MIVA) (formerly MIA)

FedRAMP Authorized

FedRAMP Authorized

Maximus Cloud is a FedRAMP Authorized multi-tenant Private and Government Community Hybrid Cloud designed exclusively for use by government customers only. Built to meet government compliance and security requirements, our managed Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) portfolio of solutions are hosted, managed, secured, and monitored to provide the highest scalability, reliability, and availability of mission-critical systems and services. Our FedRAMP Authorized services include: • MAXIMUS Amazon Connect Platform: an enterprise-class omnichannel cloud contact center solution. The Engagement Platform leverages Amazon Connect technology to provide an optimized citizen engagement experience that enables citizens to communicate with your agency across all channels – including voice, email, SMS and web chat. The Amazon Connect Platform also provides key additional modular features such as workforce management, recording and quality management, analytics, AI and a robust reporting framework. • MAXIMUS Genesys Engagement Platform: an enterprise-class omnichannel cloud contact center solution. The Engagement Platform leverages Genesys technology to provide the omnichannel functionality required for an optimized citizen engagement experience that enables citizens to communicate with your agency across all channels – including voice, email, SMS and web chat. The Engagement Platform also provides key additional modular features such as workforce management, recording and quality management, analytics, AI and a robust reporting framework. • Maximus Intelligent Insights: a Software-as-a-Service (SaaS) Total Customer Experience solution powered by SuccessKPI that uses AI and machine learning to provide key insights on customer service experiences over text and audio. The platform uses speech recognition and natural language understanding (NLU) to analyze conversations between customers and agents in real-time. With omni-channel capabilities, SuccessKPI brings together information from every customer point of contact to provide comprehensive datasets for improving the consumer experience. • Maximus RPA: is our Platform-as-a-Service (Paas) solution powered by Automation Anywhere that uses a web-based management system that uses a control room to run automated tasks that combines traditional Robotic Process Automation (RPA) with cognitive elements like Natural Language Processing (NLP), reading unstructured data, and machine learning capabilities. • Maximus Analytics: is our Platform-as-a-Service (PaaS) solution powered by tcg mcube that uses a robust, scalable, and flexible end-to-end AI Platform to ingest, store, and process complex data to across the enterprise. Intuitive and built for speed, Maximus Analytics provides real-time data insights, a low code AI drag-and-drop interface, powerful self-service capabilities, and a modular 360-degree platform embedded with AI/ML frameworks. • Maximus Suicide Prevention Service Powered by MindX Sciences is an easy-to-use tool that can identify individuals at risk for suicidality and provide personalized risk-reduction and life improvement strategies. Based on the Niculescu Convergent Functional Information for Suicidality Scale (CFI-S), the test does not ask about suicidal ideation, making it suitable for non-clinical settings such as large organizations or educational settings. The test's validity and reliability have been validated through published studies in scientific and medical journals. Additionally, clinicians can use the test for a nominal yearly fee to reduce suicide risk in their patient population, with a CPT code for clinical use available. Overall, the SX Prevent test is an innovative approach to suicide prevention that can support individuals at risk and may prove beneficial in various settings.

MCG Applications and Hosting

FedRAMP Authorized

MCG Energy Solutions develops and provides wholesale and retail energy software on a SaaS basis that we host as a CSP in the MCG Private Cloud. Both our Private Cloud infrastructure (IaaS) and our product suite (SaaS) exceed a 99.99% SLA uptime for utilities and other businesses that need a true 24x7x365 system with real-time (active/active) redundancy. MCG’s entire customer solution, including all product offerings and services, has no gaps between our software and the infrastructure it runs on. Our solutions are hardened through and through to mitigate customer risk exposure and minimize required maintenance. The following products are included in the MCG Application suite which can be used individually or together as a complete energy software solution: • Integrated Asset Manager (IAM) - A full-featured, easy-to-use wholesale energy marketing and trading solution integrated with all North American physical bilateral markets and ISOs. IAM’s user-friendly scheduling interface streamlines workflow for managing front-office and back-office operations including trade capture, transmission reservation management, fully integrated native e-Tagging, scheduling, bidding, dispatch, settlement, and reporting for all resources and loads. • Energy Accounting System (EAS) - Tracks and manages time-series data types, visualizes calculations (load, imbalance, contract, etc.), and tracks a meter’s data sources to generate an official profile based on the best available and validated data. EAS supports granular meter input (5-minute, 15-minute, hourly) and tracks multiple data sources for a single meter such as PI, MV90, market, and more. The system’s flexible calculation engine accepts and saves the calculations you require in an Excel-like format. • TransBill - Extends EAS as a complete wholesale power billing and invoicing solution that bills a wide variety of wholesale contracts for both generation and transmission businesses. TransBill assists in performing all components of Open Access Transmission Tariffs (OATTs), Purchase Power Agreements (PPAs), Grandfathered Agreements (Power and Transmission legacy contracts), ISO Transmission Revenue Shadowing, and more. • MCG’s Versify Outage Management System (OMS) - An industry leader for handling the outage process from the initial request, through approval processes, to execution and coordination of activities in the field and with ISO and RTO markets. Versify OMS features the advanced Versify workflow engine that greatly reduces time and expense of adjusting the system to meet changes in markets and your business. • MCG’s Versify Operator Log (OpLog) – A web-based software system that easily logs events, activities, and compliance requirements in a single tool using the same workflow engine as Versify OMS. OpLog simplifies communication between the field and office, and automates manual processes to eliminate errors while improving efficiency and compliance. • MCG’s Versify Workforce – Advances and streamlines safety management with tools for desktop and mobile devices, including Permit to Work (PTW), Job Hazard Analysis (JHA), Job Safety Analysis (JSA), Lockout Tagout (LOTO), and more. Workforce reduces the administrative burden on staff while enhancing compliance and coordination between the field and office. Designed to provide complete visibility across your organization, Workforce ensures the correct safety and compliance measures are taken for the safety of your employees and work environments. • MCG’s Paragon Energy Risk Manager (ERM) - A fully integrated trading, credit, and market risk management solution for complex, multi-commodity energy companies. ERM manages the entire risk management process throughout the transaction life cycle including counterparty onboarding and scoring, trade limits, margining agreements, trade capture, scheduling, Mark-to-Market (MtM), accounting, and credit analysis. Combining state of the art technology with dynamic features, ERM provides a consistent approach to market and credit risk to ensure compliance with credit and market exposure policies and limits. • MCG’s Paragon Credit Risk Manager (CRM) - Combines state of the art technology with a rich feature set for managing credit risk, including counterparty, contract, collateral, exposure management, advanced credit analytics, and credit scoring. CRM is easily configured by users to meet the nuances of each client’s credit risk requirements, and can create custom views and reports that can be saved and shared. Encompasses the entire scope of credit risk management to ensure credit policies are consistently and efficiently followed across your organization. • MCG’s Paragon Gas Scheduling System (GSS) – This extension of Paragon ERM merges operational and commercial data in an easily navigated format that streamlines tasks from processing nominations to generating expected cash flows. GSS simplifies the gas scheduling process by generating invoices and closing statements using transport rates from the pipeline and actualized data. • Hosted Data Services (HDS) – Accessing your data should not interrupt business activities. HDS warehouses and archives data from all MCG products into a single platform with full search, filter, report, and display building capability. It includes a programmatic API for performing queries directly against the HDS database, eliminating production impacts from long running queries while integrating to downstream systems without impacting the operational system in use. • Control Area Scheduling (CAS) – A fully featured interchange and transmission scheduling system integrating MCG e-Tag and OASIS interfaces to automatically create, categorize, and track interchange and transmission schedules for reliability entities. • MCG’s Innotap Data Suite (IDS) – When you need timely, clean, and accurate data from markets for your decision making, IDS (direct or through API feed) is the solution for your business. IDS organizes and displays data for wholesale energy transactions from a wide array of sources, with modules for a variety of ISOs and RTOs to aid and report on the decision making process.

FedRAMP Authorized

Mindful by Medallia

FedRAMP Authorized

Medallia GovCloud

FedRAMP Authorized

The Medallia Experience Cloud (MEC), leads the market in the understanding and management of experience for agencies, public sector employees, and citizens. Medallia captures experience signals created on daily journeys in-person, traditional surveys, on calls, digital channels, over video and social media, and IoT interactions. Once net new data is captured or by leveraging legacy data previously collected by customers, Medallia applies proprietary AI technology on data that is structured and unstructured (text and comments) to reveal personalized and predictive insights that can drive action towards positive business / organizational results and outcomes. Using the Medallia Experience Cloud, government agencies can reduce employee churn, increase citizen and employee Trust and Equity, achieve in-the-moment service recovery, and drive data-driven business decisions while providing clear and potent returns on investment. The Medallia Experience Cloud can support agency mission, focus, and objectives by: - Engaging Citizens and Employees Intuitively in a secure, meaningful, continuous way to increase feedback response rate and help the agency better understand their sentiment, value, and behavior. - Empowering the Agency and Activating every Employee by driving feedback and actionable insights to every agency employee. - Taking Action in Real-Time with analysis and alerts that identify focus areas and help resolve issues quickly. - Optimizing Government Experience by empowering agencies to align with mandates related to A-11, Trust, and Equity - Removing Silos by tracking customer journeys that span across engagement channels including email, mobile, websites, chat, phone, video, and contact centers - Maintaining Trust and Security with a platform that is FEDRAMP High certified with the JAB as well as HIPAA compliant allowing us to engage with sensitive PII. - Integrating at scale by leveraging connectors for platforms such as Salesforce and ServiceNow and supported by a robust suite of Restful API

MediaLab Federal

FedRAMP Authorized

Melissa GovCloud Address Suite

FedRAMP Authorized

Cloud Security Platform powered by Isolation Core

FedRAMP Authorized

Menlo Security is the pioneer of browser security and stops evasive threats such as phishing and ransomware, delivering on the promise of cloud-based security and enabling zero trust application access. The Menlo Secure Enterprise Browser solution prevents attacks while being invisible to end users who can use their preferred web browser, enhancing productivity. Deploy browser security policies in a single click, securing internet access and protecting organizational data down to the last mile. Menlo Secure Enterprise Browser Solution Instantiated for each browser session, the Menlo Secure Cloud Browser secures access to the web, preventing malware, ransomware, and unauthorized access and ensures that data security policies are enforced to prevent malicious or unintentional data theft with multiple Data Loss Prevention (DLP) features. Defending against highly evasive adaptive threats (HEAT), Menlo leverages machine learning and AI-based URL analysis to identify and block the most sophisticated phishing sites. Menlo remote browser isolation (RBI) offers significant performance enhancements in comparison to all other RBI offerings with patented Adaptive Clientless Rendering (ACR). ACR enables web page rendering, including interactive animations such as scrolling, to be performed on the endpoint browser using optimized desktop hardware and browser software, while the full browser feature set—including copy-paste, find in page, and printing—is maintained. The administrative policy defines whether any site is isolated. Isolation may be managed with traditional categories which should be familiar and easy to use by administrators of Secure Web Gateways (SWG). Unlike a SWG, however, Menlo enables isolation by threat types and/or vulnerable web services. Mitigating the security blindspot posted by mandated transport level encryption (TLS), Menlo Browsing Forensics offers policy-based capture of browsing sessions. Captures are stored in customer data stores, not accessible to Menlo Security. The Browsing Forensics Viewer enables the Security Operations Center (SOC), incident response, and even security awareness training teams to review users’ sessions including clicks, scrolls and text inputs. Policy controls manage whether password entries are retained, whether a user is notified of recording and screen capture rates. Files and archives are delivered with browser protocols. The Menlo Secure Cloud Browser includes comprehensive file and archive inspection. Archives are opened, and each file is subject to hash checks and anti-virus examinations. The safe content of both clean and infected files can be presented as a safe PDF to the user. Policy governs whether any original file or archive may be downloaded from the Secure Cloud Browser. File security checks can be selectively bypassed. Traffic steering to the Menlo Cloud supports proxy chaining from, for example, existing SWG or Cloud Access Security Brokers (CASB), as well as PAC file deployment or firewall redirecting. Menlo Browser Security is fully compatible with Secure Access Service Edge (SASE) and Security Service Edge (SSE) deployments. Common use cases for Menlo Browser Security include: comprehensive zero-hour phishing prevention, ransomware prevention, administrative governance of Generative AI, and comprehensive governance of SaaS using workflows similar to CASB, but including SaaS property isolation and comprehensive file upload and download controls applicable on a per-application basis.

Constellation GovCloud (CGC)

FedRAMP Authorized

ITMX Platform featuring Service & Asset Management, Universal Discovery, CMDB and Project & Portfolio Management

FedRAMP Authorized

Azure Government (includes Dynamics 365)

FedRAMP Authorized

Office 365 Multi-Tenant & Supporting Services

FedRAMP Authorized

Azure Commercial Cloud

FedRAMP Authorized

Microsoft Office 365 GCC High

FedRAMP Authorized

MicroStrategy Cloud for Government

FedRAMP Authorized

MicroStrategy is the world’s top-rated platform for enterprise analytics. The MicroStrategy Intelligence Platform offers a full range of trusted, modern BI experiences, and is designed to help departments and agencies build data-driven cultures and make faster, smarter decisions. Built for performance at scale, MicroStrategy delivers concrete answers to users where and when they’re needed. Foundationally, the platform offers out-of-the-box drivers and gateways for a variety of data sources, types, and formats, and APIs/SDKs which are hosted within the MicroStrategy Platform Deployed within Customer Tenant. Using the platform’s proprietary enterprise semantic graph, agencies can establish a unified, governed, secure, and reusable data model on which a variety of intelligence solutions can be built to deliver accurate, personalized, and trusted information to individual users based on each agency’s enterprise data dictionary. The MicroStrategy Cloud for Government is a fully managed enterprise analytics solution that offers all the market-leading capabilities of the MicroStrategy Intelligence Platform on a unique Amazon Web Services (AWS) GovCloud implementation. MicroStrategy Cloud for Government features a fully optimized reference architecture built specifically for deployment in a customer-licensed AWS environment, offered as a software-as-a-service (SaaS) solution. MicroStrategy administers each unique MicroStrategy Cloud for Government environment on the behalf of each government department or agency, including steady state operations, routine application of software upgrades, robust system monitoring and alerting, and 24/7/365 technical support for priority issues. The components that directly support the MicroStrategy Cloud for Government cloud service offering are described in the subsections below. MicroStrategy Cloud for Government is a SaaS service built on top of AWS GovCloud (US) IaaS servers. MicroStrategy utilizes AWS GovCloud (US) to provide the resources that host the MicroStrategy Cloud for Government platform and leverages the experience and resources of AWS to scale quickly and securely as necessary to meet current and future demand. MicroStrategy is responsible for designing and configuring the MicroStrategy Cloud for Government architecture within AWS GovCloud (US) to ensure that the availability, security, and resiliency requirements are met.

GovPoint Cloud Services

FedRAMP Authorized

GovPoint Cloud Services (GCS) offers a variety of cloud solutions, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), custom and private clouds, and 'bring your own hardware' options. This allows for tailored cloud setups to meet specific needs. GovPoint operates from its geographically dispersed data facilities, which are maintained by MIS Sciences, without relying on other providers. All compute instances feature high-performance processors and ultra-fast flash storage with 40 Gbps connectivity, ensuring exceptional speed and efficiency. Overview of Services • Authorization as a Service If you have an application that needs to be FedRAMP authorized, MIS can include it in our suite of FedRAMP authorized SaaS offerings. This will enable your SaaS application to utilize the MIS FedRAMP authorization, allowing you to provide a FedRAMP authorized product to your customers. • Compute (IaaS) With GovPoint Compute (GPC), you balance processors, RAM, and disk to meet the requirements for any cloud application. GPC uses a blend of high-I/O flash disks and Storage. Users can choose between pre-configured and hardened images or customize processors, disk space, and RAM to meet particular needs. • Private FedRAMP Cloud If your requirements call for isolation or dedicated resources, the Private FedRAMP Cloud is your solution. With the Private Cloud, you have complete control over all resources, including firewalls, networking, computing, and Storage. Your private cloud is isolated from all other tenants and users and is part of the GovPoint FedRAMP Infrastructure. • Bring Your Own Hardware Customers can bring their own hardware to operate within the FedRAMP Authorization boundary. This allows them to utilize the GCS controls to meet compliance requirements for specialized hardware, equipment, or appliances. • Sayari (SaaS) Sayari is a trusted supply chain and counterparty risk intelligence provider for government agencies, multinational corporations, and financial institutions. Our platforms integrate corporate ownership, supply chain, trade transactions, and risk data from over 250 jurisdictions, ensuring you can trust the quality of our intelligence. • Calabrio Workforce Engagement Management (SaaS) Calabrio Workforce Engagement Management offers a digital foundation for customer-centric contact centers. This suite improves agent performance and workforce efficiency by combining workforce optimization, agent engagement, and business intelligence in the cloud, leading to better customer experiences. • Sharetru Federal (SaaS) Sharetru Federal is a leading provider of secure file sharing and Managed File Transfer as a Service (MFTaaS). It allows organizations to exchange critical data securely while ensuring compliance with strict regulations such as CMMC, NIST SP 800-171, ITAR, HIPAA, PCI-DSS, and FedRAMP (NIST SP 800-53 Rev. 5). With file transfer protocols including HTTPS, SFTP, and FTPS, Sharetru Federal supports fully automated as well as ad-hoc file transfers. Explicitly designed for industries requiring high data protection standards, Sharetru Federal serves sectors including Defense, Healthcare, Financial Services, and Aerospace. • eAlert Notification Service (SaaS) eAlert is a cloud-based, high-speed, high-volume email and SMS sending service designed to send notifications and transactional messages. It is a reliable, cost-effective service for businesses of all sizes that use email and SMS to keep in contact with their customers. Use the GCS eAlert APIs to integrate eAlert directly into your existing applications. You can also integrate the email sending capabilities of GCS eAlert into the Software you already use, such as ticketing systems and email clients.

mLINQS Hosting Service

FedRAMP Authorized

MongoDB Atlas for Government

FedRAMP Authorized

Monster Hiring Management Enterprise (MHME)

FedRAMP Authorized

Motorola Solutions Federal Cloud (MSFC)

FedRAMP Authorized

Moveworks GovCloud

Moveworks is a comprehensive, technology-agnostic Agentic Artificial Intelligence (AI) platform for automating workforce support. The Moveworks Agentic AI Assistant manifests as a standalone search engine, web bot, or collaboration tool native chatbot to drive business process optimization (BPO) by enabling employees to find information, automate tasks, and enhance productivity via workflow automation, cost reduction, and digital transformation at scale across all business systems (ITSM, HRIS, ERP, CRM, and others). Powered by machine learning (ML), a fleet of public and proprietary LLMs, and a pioneering Agentic Reasoning Engine that allows it to handle complex requests across multiple domains (IT, HR, Finance, Facilities, Engineering, Operations, and others), Moveworks helps organizations to achieve Lean Six Sigma levels of operational efficiency while maintaining regulatory compliance and optimizing resource allocation. It streamlines strategic sourcing, financial modeling, and expense reduction, thus ensuring maximum ROI (Return on Investment) and total cost of ownership (TCO) optimization. It also comes with robust stakeholder tools allowing for strong governance, rich analytics, and continuous service improvement. With an intuitive, zero-trust architecture (ZTA), the Moveworks platform seamlessly integrates with existing technology ecosystems to deliver value out of the box, allowing organizations to modernize operations through cloud optimization and IT modernization. And while Moveworks has over 150 native integrations, the platform also has a developer interface that makes it easy for builders to extend the power of the Agentic AI Assistant to every bespoke business system by creating custom AI agents at speed and at scale. For public sector innovation and government modernization, the Moveworks platform enhances agile governance by implementing and tracking key performance indicators (KPIs) to ensure accountability. It enables process mining to uncover inefficiencies, supports continuous improvement (CI) methodologies, and delivers real-time insights for data-driven decision-making.

Movius MultiLine and Movius Decentralized Distributed Secure Communications

FedRAMP In Process

iSite Contract Management Portal

FedRAMP Authorized

MuleSoft Government Cloud

FedRAMP Authorized

Vendor Event & Business Matchmaking Platform

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Building on 70+ years of physician matching, the NRMP partners with U.S. government agencies to offer simple, equitable, and effective solutions for matching applicants to posts, stations, and government offices around the globe to effectively address recruitment and selection needs and drive outcomes for success. Using our software-as-a-service application called iMatch, administrators can invite participants to take part in a “match” where we leverage our proprietary mathematical matching algorithm to prioritize the selection preferences of participants, placing them in the most preferred positions possible on their rank lists. Participants have access to real time Match information and obtain their Match results in the iMatch system. Additional Match Outcome Reports can inform workforce trends and guide growth and development. NRMP’s iMatch system and matching services simplify selection processes, reduce bias, and encourage stable outcomes based on the principles of market design and the following pillars : **Accuracy:** NRMP’s proprietary mathematical matching algorithm places participants based on preferences and creates the best possible outcome. Research on the algorithm was the basis for awarding the 2012 Nobel Prize in Economic Sciences. **Reliability:** NRMP creates a Match schedule to ensure on-time delivery of services with well published and communicated deadlines throughout the matching process. Our iMatch technology is state-of-the-art, highly secure, and confidential allowing Match participants to create their location selection preferences with piece-of-mind. **Integrity:** NRMP Matches foster a spirit of fairness because our services and matching processes are transparent, and all Match participants must adhere to the same rules and deadlines. Accepts and electronically verifies Personal Identity Verification (PIV) credentials Ranking information submitted by a Match participant is visible only to individuals connected with the Match Provides a standardized process based on 70 years of matching expertise Match outcome reports and statistics displayed at the conclusion of each matchFIPS 199 System Categorization - Moderate Service Model - SaaS Deployment Model - Community Cloud Stack / Leveraged Systems - AWS GovCloud A system customizable to each Match sponsor’s particular process: * Specific data fields displayed during participant registration * Branding with Agency logo alongside iMatch logo * Roles and responsibilities of users can be granted or removed specific to their job duties * Multi-tiered levels of access * Email reminders and confirmations with content relevant and detailed to each Match and Agency

NCR Government Cloud

FedRAMP Authorized

FedRAMP In Process

FedRAMP Authorized

NetDocuments Document Management System (DMS)

FedRAMP Authorized

Netskope GovCloud

FedRAMP Authorized

Netskope GovCloud, a FedRAMP High authorized zero-trust security platform, empowers federal agencies by delivering extensive access to web and cloud applications, implementing the granularity and precision necessary for enforcing zero-trust initiatives. The Netskope GovCloud services platform inspects network traffic to thwart cyber attacks, encompassing both malware and phishing, and integrates advanced security controls to prevent unauthorized data movements. The protective measures are seamlessly instantiated through GovCloud offerings, utilizing a Security Service Edge architecture that significantly simplifies functionality delivery and streamlines operations. Netskope GovCloud stands as the world's largest most performant private Security Service Edge (SSE), furnishing the US Government (USG) with swift and secure network access and serving as an adaptive, risk-based security policy enforcement point (PEP). Netskope GovCloud facilitates federal agencies in extending access to all applications, allowing for the orchestration and adoption of a zero-trust architecture aligned with the objectives outlined in Executive Order 14028, aimed at enhancing the nation's cybersecurity posture. Netskope GovCloud complies with DHS CISA's guidance and EO 14028, providing integration capabilities for all CISA Zero Trust pillars, NIST 800-207, and addressing advanced Department of Defense (DoD) Zero Trust use cases. Recognized as the leader in the Gartner Magic Quadrant for Security Service Edge, Netskope GovCloud is delivered as a Software as a Service (SaaS) from a unified platform, offering versatile SSE capabilities and flexible deployment patterns including: - Application and user activity risk monitoring with User and entity behavior analytics - SSL decryption with decoders for ANY routable web application - Cloud Access Security Broker – API and Active inline - Threat / Malware protection supporting signatures, AI/ML models, static and dynamic analysis - Data Loss Prevention with rules engine and AI/ML based text and image classifiers - Compromised Credential notification, HVA risk reporting and real-time user coaching - File and object quarantine, Forensics, file movement monitoring and legal hold - Open API for workflow orchestration, log exchange, bi-directional risk exchange and threat exchange - Dedicated Egress IP assuring established whitelist continuity

Netskope OneCloud Government

FedRAMP Authorized

FedRAMP Authorized

NICE CXone Customer Experience Platform

FedRAMP Authorized

NinjaOne for Government

FedRAMP In Process

Nintex Drawloop DocGen

FedRAMP Authorized

Nintex Automation Cloud for Government (NAC-G)

FedRAMP Authorized

RunCyberAssurance

FedRAMP Authorized

FedRAMP Authorized

Nucleus for Government (NucleusGov)

FedRAMP Authorized

WorldShare Management Services

FedRAMP Authorized

Odaseva GovCloud

Okta IDaaS Government High Cloud (GHC)

FedRAMP Authorized

Okta for Government High service offering provides centralized identity and access management capabilities to customers who want to manage access across any application or device, whether they are on-premises in the customer’s office/data center or in the cloud. The Okta IDaaS platform is the primary application platform provided to customers. The IDaaS application provides several important features/capabilities, which are listed below. - Universal Directory: Okta Universal Directory provides a single view across all these groups with AD and LDAP directory integrations and out-of-the-box connections with HR systems, CSV files, and third-party IdPs. Integration with Applications: Okta comes with pre-integrated applications that customers can select to allow their users to access them through the Okta Integration Network, either in their enterprise or in a cloud - Okta API Integration: Customers can also integrate their own applications with Okta API - Okta Sign-In Widget (SIW): SIW is the out of the box end user experience that our customers can deploy in an Okta hosted environment. SIW provides configurable user registration, sign in and recovery experience. - Okta Software Development Kit (SDKs): SDKs allow customers to build their own identity experience using Okta as a back end. - Okta Customer Organization Logging: Okta’s prebuilt monitoring, logging, and reporting tools make it easy to analyze security posture, user access events, lifecycle management transitions, security risks and other identity-related data. - Okta Admin Dashboard: Okta’s Admin Dashboard provides central administration and provisioning of users and the applications they can access. - Adaptive Multi-Factor Authentication (aMFA): Adaptive MFA provides an additional layer of security for access control, which gives Okta customers the ability to create contextual access policies that assess risk factors such as device, network, location, travel, IP, and other context at each step of the authentication process. Single Sign-On (SSO): Okta SSO creates a seamless user experience by providing single sign-on to all the web and mobile applications users need to access. - Okta Verify: Okta Verify is Okta’s native desktop and mobile application that can be used for mobile client-based MFA authentication. Okta Verify supports the following authentication mechanisms against a customers’ organization: Time-based One-time Password (TOTP), Okta Push Challenge-Response, and Okta FastPass (signed once challenge) - Okta FastPass - NIST 800-63B AAL2/AAL3 authenticator

Okta IDaaS Regulated Cloud

FedRAMP Authorized

OneSpan Sign, E-Signature and Digital Signature Service

FedRAMP Authorized

OneStream Cloud - High

FedRAMP Authorized

OnSolve Platform for Critical Event Management

FedRAMP Authorized

Onspring GovCloud

FedRAMP Authorized

Ontario Cloud Federal (OCF)

FedRAMP Authorized

OpenText Cloud for Government

FedRAMP Authorized

OpenText™ Core Application Security (Fortify On Demand)

FedRAMP Authorized

OpenWater Awards

FedRAMP Authorized

Oracle Enterprise Performance Management (EPM)

FedRAMP Authorized

FedRAMP Authorized

Oracle Service Cloud (OSvC)

FedRAMP Authorized

Federal Managed Cloud Services

FedRAMP Authorized

Oracle Guided Learning (OGL)

Government Cloud - Common Controls

FedRAMP Authorized

Oracle Cloud Infrastructure-Government Cloud

FedRAMP Authorized

Taleo Cloud - U.S. Government Cloud

FedRAMP Authorized

Aconex for Defense

FedRAMP Authorized

OrbusInfinity Federal

FedRAMP In Process

Orca Cloud Security Platform

FedRAMP Authorized

Own Government Cloud

FedRAMP Authorized

PagerDuty Operations Cloud

FedRAMP Authorized

Palantir Federal Cloud Service – Supporting Services (PFCS-SS)

FedRAMP Authorized

The PFCS-SS is a dedicated environment for the purpose of delivering best-of-breed commercial software to federal government customers as a secure cloud service at the FedRAMP High baseline. The software deployed to PFCS-SS is commercially available software configured to run on PFCS’ Kubernetes infrastructure and leverage PFCS’ management plane services. This includes: Grafana Federal Cloud - A fully managed, highly scalable observability platform, powered by Grafana Mimir for Prometheus metrics, Grafana Loki for logs, Grafana Tempo for traces, and Grafana, the de facto standard for data visualization. SpecterOps BloodHound Enterprise - See your organization from the attacker’s view, BloodHound Enterprise is an Attack Path Management solution that continuously maps and quantifies identity Attack Paths in Active Directory and Azure. Rizkly - a compliance program management platform that automates documentation, control evidence, monitoring, SSP, OSCAL and audit success so organizations can achieve and sustain FedRAMP, 800-53 and CMMC compliance with confidence. Manifest Cyber - provides software supply chain security, generating and ingesting SBOMs and AIBOMs, monitoring vulnerability databases like NVD and OSV, contextualizing with EPSS and KEV exploitability databases, supporting compliance with regulations such as Executive Order 14028 and the EU's Cyber Resilience Act, and aiding in copyleft-licensed software identification and third-party risk management. Hyperscience Hypercell - an AI platform with a proprietary model-based architecture that reads and understands all forms of content with 99% accuracy and 98.5% automation, scaling across the enterprise while ensuring auditability, governance, and security using private enterprise data. TRM Labs - provides blockchain intelligence to combat crypto-facilitated crime and support agency compliance, enabling investigation, monitoring, and detection of fraud by tracing cryptocurrency transactions across 30 blockchains and over 70 million digital assets in a unified graph. Windsurf - provides a suite of AI coding tools to accelerate developer productivity, including the Windsurf Plugins for popular IDEs like VSCode, JetBrains IDEs, and Eclipse as well as its own A-native IDE, the Windsurf Editor. Windsurf leverages state-of-the-art AI models and advanced context-awareness capabilities to deliver tools like fast autocomplete, codebase-aware Chat, and agentic coding capabilities. Enterprise developer teams rely on Windsurf to increase developer velocity, reduce onboarding times, and reduce tech debt. Windsurf was previously known as Codeium.

Palantir Federal Cloud Service – Moderate

FedRAMP Authorized

Palantir Federal Cloud Service - High

FedRAMP Authorized

FedRAMP Authorized

Strata: ● Prisma Access - a Secure Access Service Edge (SASE) that provides scalable, cloud-delivered networking and security to branch offices and remote users. With Prisma Access, agencies are able to rapidly enable consistent, secure connectivity for remote locations and employees. ● Prisma SD-WAN - a product that provides deep application visibility, with Layer 7 intelligence for network policy creation and traffic engineering. It automates operations and problem avoidance using machine learning and data science methodologies. Prisma SD-WAN enables branch services such as networking and security to be delivered from the cloud, simplifying WAN management. ● Cloud Manager for Prisma Access - a cloud delivered solution used by customers to manage Prisma Access from Palo Alto Networks’ Hub. Fawkes allows customers to quickly onboard branches and mobile users through an intuitive and function oriented user experience. Fawkes also provides configuration management of Prisma Access’ security policies. ● Cortex Data Lake (CDL) - collects, normalizes, and integrates data from Palo Alto Networks products with public cloud scale. ● WildFire - an analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis and innovative machine learning techniques to detect and prevent even the most evasive threats. It is a subscription service that works with the Palo Alto Networks Next Generation Firewalls (including VM-Series and CN-Series), Prisma Access, Prisma Cloud, Cortex XSIAM, and Cortex XDR. ● SaaS Security (Inline, SSPM) - is an integrated CASB (Cloud Access Security Broker) solution that helps Security teams meet the challenges of protecting the growing availability of sanctioned and unsanctioned SaaS applications and maintaining compliance consistently in the cloud while stopping threats to sensitive information, users and resources. SaaS Security Inline helps discover and manage risks posed by unsanctioned SaaS applications while SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured security settings in sanctioned SaaS applications through continuous monitoring. ● Inline DLP - serves as a data security service integrated with various Palo Alto Networks services (called channels) such as SaaS Security, Prisma Access, Prisma Cloud, and the Next Generation Firewall platform to provide data security at these various enforcement points. These channels send files to the DLP service via APIs, where DLP will scan the file, perform analysis to detect sensitive data in violation of customer policies in the file, and return this verdict and other data back to the channel. The channel then uses this information to take remedial action in order to protect sensitive data. ● ACE - a generic platform that enables the firewall or Panorama to download App-IDs from the cloud for applications that do not have specific predefined App-IDs from the Palo Alto Networks content releases. ● CIE - Identity-based security controls are a foundational requirement to achieve Zero Trust. Palo Alto Networks Cloud Identity Engine is an entirely new cloud-based architecture for identity-based security that can consistently authenticate and authorize your users, regardless of location and where user identity stores live - on-premises, in the cloud, or hybrid. As a result, security teams can effortlessly allow all users access to applications and data everywhere and quickly move toward a Zero Trust security posture. ● MSP for Prisma SASE - a set of two services (pa-passthru-api-service and pa-custom-api-service) that provide APIs to support the following functionality: Aggregate application, application usage, threats and URL metrics across tenants in a tenant hierarchy Constrain the list of tenants being aggregated to the list of tenants that are authorized for the user in question ● App Services (Hub, API Gateway, Visualization & Reporting, Prisma Access Insights) ○ API Gateway supports unified access to the open APIs of PANW SASE applications. Currently, API Gateway is used by Cloud Management Prisma Access, SD-WAN, Cortex Data Lake (CDL), and Prisma Access Insights customers. Working in conjunction with PANW Global IdP (Identity Provider), which provides authentication services, API Gateway provides authorization services for RESTful API and routing those APIs to multiple applications and regions. ○ Prisma Access Insights is a comprehensive platform for global visibility and monitoring for the Prisma Access service. It continuously monitors the health and performance of your Prisma Access environment with Insights in the Prisma Access app. ○ Visualization & Reporting is the security visualization and reporting product for network security use cases. It provides dashboards to end users to monitor and understand the security of their networks and how different security subscriptions from Palo Alto Networks are performing. Cortex: ● Cortex XDR - a cloud-based service providing a prevention, detection and response platform that integrates network, endpoint, and cloud data to stop sophisticated attacks. Cortex XDR leverages logs, alerts, and information from Palo Alto Networks and third-party security products. It also enforces security policies on endpoints, preventing malware and data loss. Cortex XDR correlates security alerts and network logs with the endpoint processes that generated the alerts, allowing customers to investigate security alerts, as well as search for and remotely respond to threats. ● Cortex Xpanse - an active attack surface management solution that helps your organization discover, understand and respond to unknown risks in all internet-connected systems and services. Xpanse scans the entire internet automatically and continuously, discovering and indexing previously unknown risks, using supervised ML models to continuously map your attack surface and prioritize remediation efforts, while reducing MTTR with the help of built-in automated playbooks. ● Cortex XSIAM - a cloud-delivered, integrated SOC platform that unifies key functions, including EDR, XDR, SOAR, ASM, UEBA, TIP, and SIEM, consolidating multiple products into a single, integrated platform. XSIAM delivers an intelligent data foundation by integrating telemetry from any source, providing unified security operations across any hybrid IT architecture. ● Cortex XSOAR - a comprehensive security orchestration, automation, and response (SOAR) platform that unifies case management, automation, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle. ● Cortex Cloud - a unified security platform that enhances application security, cloud posture management and runtime protection. It integrates AppSec, identity, data, cloud infrastructure, and workload security while providing a code-to-cloud-to-runtime-to-SOC approach. With a strong shift-left strategy, it enables proactive remediation using both in-house and third-party tools. The Cloud Detection and Response (CDR) capabilities leverage multiple data sources to deliver real-time threat detection, protection and automated response. (Authorized as of May 2025, please reach out to sales for availability) Prisma Cloud Enterprise (SaaS): ● Prisma Cloud - a cloud-native security platform that consistently provides comprehensive visibility into misconfiguration and over-permissive roles, with threat detection and compliance assurance across multi-cloud environments. ○ CSPM ○ Agentless Workload Security ○ CIEM ○ API Visibility ○ Secret Security ○ SCA ○ IaC Security ● Prisma Cloud Compute (Delivered via Prisma Cloud) - a cloud-native platform that delivers cloud workload protection. Prisma Cloud Compute provides holistic protection across hosts, containers, and serverless deployments in any cloud, throughout the software lifecycle. Prisma Cloud Compute protects all workloads regardless of their underlying compute technology or the cloud in which they run. In addition, it provides Web Application and API Security (WAAS) for any cloud native architecture. ○ Cloud Workload Protection ○ Web Application API Security

Palo Alto Networks Government Cloud Services

FedRAMP Authorized

Strata Network Security Platform Secure users, apps, and data anywhere— on-premises, in the cloud, or hybrid. Get complete Zero Trust network security to see and secure everything from your headquarters to branch offices and data centers, as well as your mobile workforce. Prisma Access - a Secure Access Service Edge (SASE) that provides scalable, cloud-delivered networking and security to branch offices and remote users. With Prisma Access, agencies are able to rapidly enable consistent, secure connectivity for remote locations and employees. ZTNA Connector - The Zero Trust Network Access (ZTNA) Connector lets you connect Prisma Access to your organization's private apps simply and securely. ZTNA Connector provides mobile users and users at branch locations access to your private apps using an automated secure tunnel. Because the ZTNA Connector sets up the tunnels automatically, you don't have to manually set up IPSec tunnels and routing to the data center or headquarters locations, public cloud locations, and partner networks where your private apps are located. (Authorized as of February 2025, please reach out to sales for availability) Colo Connect - Colo-Connect builds on the Colo-based performance hub concept, offering high-bandwidth (up to 20 Gbps) private connections along with seamless Layer 2/3 connectivity to Prisma Access from existing performance hubs. (Authorized as of February 2025, please reach out to sales for availability) Traffic Replication - We partnered with Google Cloud Platform (GCP) to enable Google Cloud Packet Mirroring outside the Prisma Access security processing node so it wouldn’t interfere with the security inspection efficacy and overall performance of Prisma Access.Google Cloud Packet Mirroring clones the traffic and delivers a line-rate performance with zero impact on current operations. As with any GCP service, traffic cloning enables Prisma Access Traffic Replication to elastically manage the scale of traffic volume for any of the largest organizations. (Authorized as of February 2025, please reach out to sales for availability) 5g SASE - Prisma SASE 5G extends comprehensive zero-trust security to enterprise 5G deployments. Prisma SASE 5G feature integrates zero-trust security with 5G networks, enabling service providers to offer comprehensive SASE services for 5G-connected devices without the complexity of agents or inline hardware. (Authorized as of February 2025, please reach out to sales for availability) Explicit Proxy - Prisma Access provides a complete cloud Secure Web Gateway (SWG) capability, including an Explicit Proxy connection method based in the cloud. If your organization’s existing network already uses explicit proxy and deploys PAC files on your client endpoints, you can smoothly migrate from legacy proxy-based SWG solutions to Prisma Access to secure mobile users’ outbound internet traffic. You can also use an Explicit Proxy if you need to use a proxy for compliance purposes. (Authorized as of February 2025, please reach out to sales for availability) Prisma SD-WAN - a product that provides deep application visibility, with Layer 7 intelligence for network policy creation and traffic engineering. It automates operations and problem avoidance using machine learning and data science methodologies. Prisma SD-WAN enables branch services such as networking and security to be delivered from the cloud, simplifying WAN management. Strata Cloud Manager (SCM) for Prisma Access - a cloud delivered solution used by customers to manage Prisma Access from Palo Alto Networks’ Hub. Strata Cloud Manager allows customers to quickly onboard branches and mobile users through an intuitive and function oriented user experience. Strata Cloud Manager also provides configuration management of Prisma Access’ security policies. (Authorized as of February 2025, please reach out to sales for availability) Cloud Next-Generation Firewall (CNGFW) - Cloud NGFW is Palo Alto Networks ML-powered Next-Generation Firewall (NGFW) capability delivered as a fully managed cloud-native service by Palo Alto Networks on the Amazon Web Services (AWS) and Azure platforms. This deployment model combines the power of the Palo Alto NGFW with the ease of use. The Cloud NGFW service provides advanced application visibility and access control using Palo Alto Networks’ App-ID and URL filtering technologies. It provides threat prevention and detection through cloud-delivered security services and threat prevention signatures. (Authorized as of February 2025, please reach out to sales for availability) AIOps - AIOps harnesses big data from operational appliances and has the unique ability to detect and respond to issues instantaneously. Using the power of ML, AIOps strategizes using the various forms of data it compiles to yield automated insights that work to refine and iterate continually. AIOps seeks to address a quickly evolving IT landscape using the convenience of machine learning, automation and big data. (Authorized as of February 2025, please reach out to sales for availability) Remote Browser Isolation (RBI) - Fully isolate zero-day web attacks far away from local devices and browsers. Deliver superior browser isolation without sacrificing web performance with Palo Alto Network’s RBI, which combines the latest isolation technologies with proprietary technologies and creates a no-code execution channel between users and web content. (Authorized as of February 2025, please reach out to sales for availability) Strata Logging Service (SLS, formerly CDL) - collects, normalizes, and integrates data from Palo Alto Networks products with public cloud scale. WildFire - an analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis and innovative machine learning techniques to detect and prevent even the most evasive threats. It is a subscription service that works with the Palo Alto Networks Next Generation Firewalls (including VM-Series and CN-Series), Prisma Access, Prisma Cloud, Cortex XSIAM, and Cortex XDR. SaaS Security (API, Inline, SSPM) - is an integrated CASB (Cloud Access Security Broker) solution that helps Security teams meet the challenges of protecting the growing availability of sanctioned and unsanctioned SaaS applications and maintaining compliance consistently in the cloud while stopping threats to sensitive information, users and resources. SaaS Security Inline helps discover and manage risks posed by unsanctioned SaaS applications while SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured security settings in sanctioned SaaS applications through continuous monitoring. Inline DLP - serves as a data security service integrated with various Palo Alto Networks services (called channels) such as SaaS Security, Prisma Access, Prisma Cloud, and the Next Generation Firewall platform to provide data security at these various enforcement points. These channels send files to the DLP service via APIs, where DLP will scan the file, perform analysis to detect sensitive data in violation of customer policies in the file, and return this verdict and other data back to the channel. The channel then uses this information to take remedial action in order to protect sensitive data. Email DLP - Enterprise DLP prevents exfiltration of emails containing sensitive information with AI/ML powered data detections. For example, Enterprise DLP can prevent exfiltration of sensitive data over an outbound email sent from a salesperson within your organization to their personal email. (Authorized as of February 2025, please reach out to sales for availability) ACE - a generic platform that enables the firewall or Panorama to download App-IDs from the cloud for applications that do not have specific predefined App-IDs from the Palo Alto Networks content releases. CIE - Identity-based security controls are a foundational requirement to achieve Zero Trust. Palo Alto Networks Cloud Identity Engine is an entirely new cloud-based architecture for identity-based security that can consistently authenticate and authorize your users, regardless of location and where user identity stores live - on-premises, in the cloud, or hybrid. As a result, security teams can effortlessly allow all users access to applications and data everywhere and quickly move toward a Zero Trust security posture. IoT Security - Protects your IoT attack surface with the industry’s smartest IoT Security solution delivering ML-powered visibility, prevention, and zero-trust enforcement in a single platform. IoT Edge Cloud now included. MSP for Prisma SASE - a set of two services (pa-passthru-api-service and pa-custom-api-service) that provide APIs to support the following functionality: Aggregate application, application usage, threats and URL metrics across tenants in a tenant hierarchy Constrain the list of tenants being aggregated to the list of tenants that are authorized for the user in question App Services (Hub, API Gateway, Visualization & Reporting, Prisma Access Insights) API Gateway supports unified access to the open APIs of PANW SASE applications. Currently, API Gateway is used by Cloud Management Prisma Access, SD-WAN, Cortex Data Lake (CDL), and Prisma Access Insights customers. Working in conjunction with PANW Global IdP (Identity Provider), which provides authentication services, API Gateway provides authorization services for RESTful API and routing those APIs to multiple applications and regions. Prisma Access Insights is a comprehensive platform for global visibility and monitoring for the Prisma Access service. It continuously monitors the health and performance of your Prisma Access environment with Insights in the Prisma Access app. Telemetry Data Ingestion from Prisma Access Firewalls Firewall Log Data Ingestion from Cortex Data Lake Data Analyzation and Processing Pipelines Data Presentation to User via Prisma Access UI Data retrieval via API service Visualization & Reporting is the security visualization and reporting product for network security use cases. It provides dashboards to end users to monitor and understand the security of their networks and how different security subscriptions from Palo Alto Networks are performing. Advanced Threat Prevention (ATP) - Advanced Threat Prevention Powered by Precision AI defends your network against both commodity threats—which are pervasive but not sophisticated—and targeted, advanced threats perpetuated by organized cyber adversaries. Advanced Threat Prevention includes comprehensive exploit, malware, and command-and-control protection, and Palo Alto Networks frequently publishes updates that equip the firewall with the very latest threat intelligence. (Authorized as of February 2025, please reach out to sales for availability) Prisma Access Browser (PAB) - The Prisma Access Secure Enterprise Browser (Prisma Access Browser) is a browser designed specifically for enterprise use and is fortified with security features to protect users and organizations against cyber threats like phishing, malware, eavesdropping, and data exfiltration. Prisma Access Browser is the only solution that secures both managed and unmanaged devices, through a natively integrated enterprise browser that extends protection to the devices by placing security in the browser. (Authorized as of February 2025, please reach out to sales for availability) Cortex Palo Alto Networks offers the industry’s most comprehensive product portfolio for security operations, empowering organizations and agencies with best-in-class detection, investigation, automation, and response capabilities. Cortex XDR - a cloud-based service providing a prevention, detection and response platform that integrates network, endpoint, and cloud data to stop sophisticated attacks. Cortex XDR leverages logs, alerts, and information from Palo Alto Networks and third-party security products. It also enforces security policies on endpoints, preventing malware and data loss. Cortex XDR correlates security alerts and network logs with the endpoint processes that generated the alerts, allowing customers to investigate security alerts, as well as search for and remotely respond to threats. Cortex Xpanse - an active attack surface management solution that helps your organization discover, understand and respond to unknown risks in all internet-connected systems and services. Xpanse scans the entire internet automatically and continuously, discovering and indexing previously unknown risks, using supervised ML models to continuously map your attack surface and prioritize remediation efforts, while reducing MTTR with the help of built-in automated playbooks. Cortex XSIAM - a cloud-delivered, integrated SOC platform that unifies key functions, including EDR, XDR, SOAR, ASM, UEBA, TIP, and SIEM, consolidating multiple products into a single, integrated platform. XSIAM delivers an intelligent data foundation by integrating telemetry from any source, providing unified security operations across any hybrid IT architecture. Cortex XSOAR - a comprehensive security orchestration, automation, and response (SOAR) platform that unifies case management, automation, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle. Cortex Cloud - a unified security platform that enhances application security, cloud posture management and runtime protection. It integrates AppSec, identity, data, cloud infrastructure, and workload security while providing a code-to-cloud-to-runtime-to-SOC approach. With a strong shift-left strategy, it enables proactive remediation using both in-house and third-party tools. The Cloud Detection and Response (CDR) capabilities leverage multiple data sources to deliver real-time threat detection, protection and automated response. (Authorized as of February 2025, please reach out to sales for availability) Prisma Cloud Enterprise (SaaS) We secure applications from code to cloud, enabling security and DevOps teams to collaborate effectively and accelerate secure cloud-native application development and deployment. Prisma Cloud - a cloud-native security platform that consistently provides comprehensive visibility into misconfiguration and over-permissive roles, with threat detection and compliance assurance across multi-cloud environments. CSPM Agentless Workload Security CIEM API Visibility Secret Security SCA IaC Security Prisma Cloud Compute (Delivered via Prisma Cloud) - a cloud-native platform that delivers cloud workload protection. Prisma Cloud Compute provides holistic protection across hosts, containers, and serverless deployments in any cloud, throughout the software lifecycle. Prisma Cloud Compute protects all workloads regardless of their underlying compute technology or the cloud in which they run. In addition, it provides Web Application and API Security (WAAS) for any cloud native architecture. Cloud Workload Protection Web Application API Security

FedRAMP Authorized

Paperless Innovations, with our Actus solution, has repositioned GPC utilization and funds management processes as a government-wide shared service under the auspices of Treasury Management available on the FM QSMO Marketplace. Actus is eligible for direct award under pre-competed terms on GSA MAS contract # 47QTCA24D002X utilizing SIN 518210FM (Financial Management) and 54151ECOM (Ecommerce). Our end-to-end (E2E) process optimizations are inclusive of requisitions, obligations, order and transaction processing, settlements, close-out of commitments, records management, and audit. Agencies benefit operationally by adopting FedRAMP secured Cloud-based Government Purchase Card (GPC) processes supporting accurate and timely close-outs of commitments in their preferred financial system. Paperless Innovations, Inc. is committed to enabling GPC spend under management to improve the efficiency and accuracy of government purchase card programs as a compliant financial instrument on par with all Treasury disbursements. Actus eliminates improper payments in the GPC Program utilizing secure, best of breed practices including RPA workflow automations, intelligent digital document authentication with data validation on required forms and attachments, providing financial accuracy and reliability with real-time status of funds, automated reconciliation, and inherent internal controls enforcement. Actus is currently in daily use by thousands of government cardholders and Approving Officials with implementations including end-to-end regulatory and compliance automation for Purchase Card Program Management, cardholders, and associated approvers, requestors, financial managers, and auditors. As directed in OMB Memorandum A-123, Appendix B, Risk Management Guidelines for Government Purchase Card Programs, Agencies should seek cloud automation solutions enabling GPC financial management, internal controls, and prevention of improper payments in avoidance of fraud, waste, and abuse. The OMB guidance is based on 3 pillars of operational excellence: Accountability, Compliance, and Transparency. - Accountability - Actus helps agencies paint a complete and total picture of each expense, eliminating guesswork, human error, and manual data entry tracking. Workflow automations ensure all Agency policies supporting separation of duties, improper payments reduction, and avoidance of split purchases are inherently enforced. - Compliance - Simplified, structured data is at the heart of compliance automation ensuring adherence to Agency policies and acquisition regulations. The Actus solution streamlines and automates oversight processes while maintaining rich transactional records for instant audit reporting. Actus furthers the regulatory mission of each agency with intelligent digital document processing using AI for records authentication, validation, retention, and disposal of purchase records presented as supporting documentation by cardholders. Adoption of Actus itself satisfies and supplements Federal paperless mandate compliance as well as DATA Act, IPERA, IPERIA, Public Law 115 The Evidence Act, M-19-16 Shared Services, A-11 Preparation, Submission, and Execution of the Budget, and more. - Transparency - Actus enables real time visibility over the status of funds in Government Purchase Card Programs, enabling Agencies to maximize GPC purchasing efficiency throughout the entire federal fiscal year. Actus presents role-specific dashboards enabling full visualization of all workflow processes, transactional data, and documents on a need-to-know, right-to-know basis. Audit automation occurs with every upload of bank transactions without requiring manual packet creation by cardholders and enables inspection of every detail of each purchase made within a selected time frame in a unified, streamlined format. Actus elevates GPC financial management to the level of any other public funds obligation, supports accounting with financial system integration, enables informed budgeting with detailed item level transaction data, configures and customizes instant reporting, and unlocks actionable data for analytics, records examination, and transactions investigation. Actus increases Agency confidence to maximize refunds with daily bill pay and enables the use of purchase cards up through $25,000 in coordination with blanket purchases and standing orders. P-Card Compliance Automation Features: - Custom Approval Workflows - Financial Data Capture - Full Lifecycle Spend Tracking - Cloud Storage of Reconciliation Packets - Dashboard Visualization of data & documents - Automated Reconciliation Statements - Structured Item Level (Level 3) Data - Merchant Class Code Tracking - Suspicious Pattern & Activity Detection - Alerts for Each Stage of Transaction - Transactional Keyword Search - Bank Statement Transaction Matching - Auto-Matched Transactions - Travel Expense Tracking and Management - Daily, Weekly, or Monthly Reconciliation - PIV/CAC authentication - Simplified documentation in support of G-Invoicing - Live Agent Contact Center and Customer Services - Actus web app runs on all modern browsers

The Paramify Cloud (Paramify) is a software platform that automates risk management processes—including compliance planning, solution implementation, gap assessments, and documentation—for cloud service providers, government agencies, and members of the Defense Industrial Base (DIB). Paramify supports adherence to control catalog requirements including NIST 800-53 (FedRAMP, FISMA, GovRAMP, TX-RAMP), NIST 800-171 (CMMC), and standards such as SOC 2, HIPAA, and ISO 27001, with support for additional catalogs and profiles continually expanding. SSP and ATO Package Management ∙ Fast and Easy Setup: Upload previous SSPs or use the intake process to identify your system’s elements and security capabilities. Paramify then generates a roadmap to support your risk management and compliance objectives. ∙ Streamlined Control Implementation & Optimization: Visualize progress and manage security program capabilities through a unified dashboard that tracks system elements and responsibilities. ∙ ATO Package Generation: Produce accurate SSP documentation in both digital (OSCAL) and human-readable formats, with flexible export options that support various file types, including but not limited to OSCAL, PDF, Word, and Excel. ∙ Incorporate Changes Efficiently: As your risk management approach evolves, maintaining stack profiles in Paramify reduces manual update errors across documentation. Paramify automatically synchronizes updates to your SSP, CRM, CIS, policies, procedures, and other records to support compliance with evolving data protection requirements. Continuous Monitoring and Issue Management ∙ Automated POA&M Documentation: Automatically manage and update POA&M documentation via a centralized task-priority view, eliminating the need to manage from multiple spreadsheets or scan files. ∙ Vulnerability Management with Duplicate Detection: Automatically close resolved vulnerabilities and employ duplicate detection to ensure accurate issue tracking. ∙ Automated Risk Adjustment: Apply risk adjustments across multiple issues automatically to support consistent prioritization of remediation efforts. ∙ Automated Inventory Reconciliation: Configure and maintain inventory reconciliation rules to generate accurate workbooks automatically, without manual review of scan files—including those for ephemeral virtual hosts. Integration with Your Organization’s Processes ∙ Workflow Management: Integrate with issue management tools (e.g., Jira, ServiceNow, GitLab) to facilitate collaboration between DevOps and security teams for timely issue remediation. ∙ Evidence Management: Unified evidence approach that minimizes or eliminates duplicate collection efforts. ∙ API Integrations: Paramify’s open API supports custom integrations with system components to facilitate connectivity and interoperability. Available in SaaS and self-hosted implementations.

Palladium (PerformanceFIT2)

Pearson Federal Cloud System

FedRAMP Authorized

Pega Cloud for Government

FedRAMP Authorized

TransAccess GovCloud Records (GCR)

FedRAMP In Process

Gov Cloud Records (GCR) Service Description: The Gov Cloud Records (GCR) system, developed and maintained by Peniel Solutions LLC, is a Software-as-a-Service (SaaS) solution hosted within the AWS FedRAMP-authorized GovCloud environment. The GCR platform is designed to support secure electronic records management for federal agencies, aligning with NARA and HUD requirements. The GCR CSO includes the following components, functions, and features within its FedRAMP authorization boundary: a. User Access and Identity Management: Role-based access control (RBAC) is enforced using AWS Identity and Access Management (IAM) and internal policies. Multi-factor authentication (MFA) is required for all users, with session timeouts and account lockout mechanisms in place. b. Data Protection: All data is encrypted at rest and in transit using FIPS 140-2 validated cryptographic modules. AWS Key Management Service (KMS) is used for key management. c. Audit and Logging: Comprehensive audit logging is implemented using AWS CloudTrail and CloudWatch. Logs capture user activity, system events, and security-relevant actions, and are retained in accordance with M-21-31. d. System Monitoring and Incident Response: Continuous monitoring is conducted using AWS-native tools (e.g., GuardDuty, CloudWatch). An incident response plan is in place, aligned with NIST SP 800-61. e. Configuration and Change Management: Configuration baselines are maintained using AWS System Manager and GitHub repositories. Changes are managed through a formal change control process with impact analysis and rollback capabilities. f. Contingency Planning: GCR implements automated backups using AWS Backup, with recovery objectives defined to ensure continuity of operations. Alternate processing and storage sites are provisioned within AWS GovCloud. g. Security Training and Awareness: All personnel undergo annual security awareness and role-based training. Training records are maintained internally and reviewed regularly. h. Boundary Definition: The authorization boundary includes all components hosted within AWS GovCloud, including EC2 instances, S3 storage, RDS databases, and associated networking and security services. No external systems or users are permitted access. This service description reflects only the features and components that are tested and accredited as part of the FedRAMP authorization boundary

Next Generation Cloud Platform

FedRAMP Authorized

Perceptyx Insights Platform

FedRAMP Authorized

Pexip Government Cloud (PGC)

FedRAMP Authorized

Pexip Government Cloud is a SaaS-based video teleconferencing (VTC) solution for U.S. federal, state, and local government organizations. With Pexip, government customers can augment their existing on-premise VTC infrastructure with a subscription-based service model while retaining ownership of their specific endpoint dial plan and call control routing rules. By migrating to a SaaS or hybrid service model, government organizations maintain operational control of their endpoints and systems without incurring the long-term costs of developing and maintaining additional infrastructure. Pexip Government Cloud’s secure VTC platform brings the modernized meeting experience to the government user base in the following ways: • Microsoft-certified Cloud Video Interoperability (CVI) for Microsoft Teams – Helps agencies securely collaborate on Microsoft Teams in their hybrid workplace. With Pexip Government Cloud, employees can join Microsoft Teams calls from their existing standards-based meeting room video systems as well as enterprise-class standards-based soft clients. • Bi-Directional SIP Dialing for Windows-Based Microsoft Teams Rooms (MTRw) – Expanding on Pexip’s CVI capability, this feature enables SIP-based video conferencing endpoints to call directly into Microsoft Teams Rooms (MTR) running on Windows, and vice versa. This allows government agencies to integrate MTRw into their broader VTC ecosystem, ensuring seamless cross-platform collaboration. • Google Meet Interoperability – Enables agencies to seamlessly connect standards-based VTC systems directly into Google Meet meetings using native SIP dialing. This allows government users to leverage existing room-based video conferencing hardware to join Google Meet sessions without additional plugins or workarounds, ensuring a secure, seamless, and familiar meeting experience. • Standards-Based Virtual Meeting Rooms (VMRs) – Supports customer VTC endpoint devices and clients, featuring Pexip’s native CMVP-validated FIPS 140-3 encryption suite, ensuring secure and compliant video communications. • Self-Hosted Platform Integration – Enables hybrid VTC deployments where Pexip Government Cloud extends the customer’s existing self-hosted platform. This integration allows VTC systems to seamlessly connect with enterprise third-party applications, support calendaring integrations for simplified end-user join flows, and align with global policy frameworks such as Zero Trust Architecture (ZTA) and Secure Access Service Edge (SASE).

FedRAMP Authorized

Pitney Bowes SendPro 360 Sending, Receiving, and Locker Management Solution Pitney Bowes SendPro 360 is a comprehensive, cloud-based sending, receiving, locker management, and analytics solution that powers your mailroom operations for maximum efficiency and transparency. Multi-Carrier Shipping and Mailing SendPro 360 makes mailing and shipping quick and easy by empowering departments with the flexibility to send in the way that’s right for them. Users save time and money by printing stamps directly from the online interface and by accessing SendPro 360 multi-carrier shipping functionality to compare rates and print labels across major carriers. The ability to track spend and activity by account or department, facilitates project or departmental chargebacks for accurate accounting. SendPro360 includes a dedicated certified and electronic return receipt (ERR) and registered mailing process with proof of delivery reporting. Also, qualified users can prepare ship requests for packages sent to the mailroom for processing. Package Receiving, Tracking and Delivery The SendPro 360 platform automates the process of receiving, tracking, and delivering incoming packages and mail through a simple scan of a barcode. Manually logging items instantly becomes a process of the past. It can configure delivery routes, provide lists of packages, and has the ability to manage assets. Package tracking notifications via email and SMS as well as SLA management simplify and enhance the experience. -The SendPro 360 platform automates the process of receiving, tracking, and delivering incoming packages and mail through a simple scan of a barcode. Smart Locker Management Effectively manage the delivery process of packages, assets, and other important items moving across your organization with SendPro 360 Smart Locker Management capabilities. This software solution is the intelligence behind a physical smart locker and helps ensure safe, secure contactless delivery. It modernizes the pickup process by enabling convenient 24/7 self-service locker access and automates alerts notifying recipients they have an item for pickup while preserving chain-of-custody. Our Smart Locker Management Software allows users to remotely manage or troubleshoot smart lockers across a single site or multiple locations. Plus, it offers extensibility ensuring seamless expansion to additional workflows to meet evolving needs. -These solutions will require customer-provided hardware and will require assessment, authorization, and continuous monitoring of such capabilities by using agencies. Pitney Bowes has the technical expertise to help determine which hardware best meets agency needs and to assist with agency authorization and approval processes. Analytics From smaller mailrooms to multi-location operations, SendPro 360 offers complete visibility into your receiving and sending operations. Dynamic views can be filtered by divisions, locations, cost accounts, and users, across any date range. View and manage postage and shipping spend, and gain insights to your receiving and locker metrics all the way through final delivery to ensure packages and mail are accounted for and delivered on time. Gauge performance, operator efficiency, and resource utilization to ensure service level agreement (SLA) metrics are being met. To locate a package, SendPro 360 provides end-to-end tracking of packages, locker activity, as well as shipping and mailing activity across your government agency.

PlanStreet Case Management System

Point Blue Science Cloud

FedRAMP Authorized

PowerCore™ (PC-GOV)

FedRAMP Authorized

PowerTrain Government Learning Enclave - SaaS

FedRAMP Authorized

The PowerTrain Government Learning Enclave is a secure cloud environment that hosts the PowerTrain Learning Ecosystem of Software-as-a-Service (SaaS) solutions, including the Callisto Learning Platform powered by Moodle™, Career Voyager Talent Management Platform, LMS-Express, SecureWiki, Drupal™ Secure Baseline for Government, Veracity LRS, and Rustici Content Controller. All applications offer multi-factor authentication and single sign-on options. The Callisto Learning Platform powered by Moodle™ is hardened and secured for government use to provide a comprehensive suite of learning delivery and management tools for enterprises large and small. Included in its approved baseline are the current Moodle™ long term release; Electronic Human Resource Integration (EHRI) data collection and reporting; integrated Authorization, Agreement, and Certification of Training Form (SF-182); Individual Development Plans (IDP); comprehensive registration management for live learning events with adjustable workflow, wait list management, and automated notifications; competency management; lesson plans; mandatory training compliance; configurable reports; and support for multiple tenants. The Career Voyager Talent Platform includes Career Mapping, Leadership Succession Planning, Candidate Review, and PowerSurvey. Career Mapping enables users to map a progressive career ladder of job opportunities within an organization, as well as view skills, abilities, competencies, recommended training, and developmental activities necessary to progress from one position to another; Leadership Succession Planning resources, assessments, tools, and reference materials to promote self-discovery, accelerate career advancement, and support leadership development; Candidate Review System supports talent acquisition efforts for fellowships, technical internships, and other multi-phase, interactive application processes; and PowerSurvey supports a variety of employee data collection and secure reporting efforts. LMS-Express is a powerful, lightweight learning management system designed for targeted asynchronous eLearning content delivery. SecureWiki is a hardened and secure version of MediaWiki™ and includes additional functionality to support the unique reporting requirements of government users. Our Drupal™ Secure Baseline for Government is a hardened and secure version of Drupal™ and includes a number of Drupal™ modules cleared for use in the baseline with the ability to extend functionality. Veracity LRS is a robust solution designed to capture, store, and return data about learning experiences in compliance with the Experience API (xAPI) specifications. It serves as a central repository for learning records, enabling detailed tracking and analysis of learner activities across the components of the PowerTrain Learning Ecosystem. With powerful analytics capabilities, the LRS allows organizations to provide a comprehensive view of learning outcomes and effectiveness, enabling educators to make informed decisions to enhance learning strategies and improve overall educational outcomes. Rustici Content Controller ensures uniform access to training materials such as SCORM 1.2, SCORM 2004 (2nd, 3rd, & 4th editions), AICC, xAPI, cmi5, MP3, MP4, and PDF, enhancing the interoperability and efficiency of content delivery without the need for duplicating course files. This capability not only streamlines the management of eLearning content but also supports seamless, secure, and scalable training deployments. Event Registration System supports online registration for live and virtual events. Moodle™ is a registered trademark of Moodle Pty Ltd or its related affiliates. Drupal™ is a registered trademark of Dries Buytaert. MediaWiki™ is a registered trademark of the Wikimedia Foundation.

Data Integrity Suite

FedRAMP In Process

Privoro Fulcrum Cloud

FedRAMP Authorized

FedRAMP In Process

The Project Hosts “GSS One-AWS” PaaS is a Government Only general support system deployed on AWS GovCloud. The GSS One-AWS is composed of systems and services that manage access control, authentication, auditing, monitoring, scanning, patching, configuration management, malware prevention, intrusion prevention, incident response, backup, and disaster recovery for each Application deployed on the GSS One-AWS. All of the systems that make up the GSS1-AWS and the Project Hosts engineers that administer the systems can be leveraged by any customers to meet the security requirements for their systems at FedRAMP High or Il4 Impact levels. There are three main SaaS components customers deployed on the GSS One-AWS system can leverage and are provided by default: - GSS One Portal/Admin Page: The GSS One Portal is a page where customer users and PH support can login to create and manage non privileged users for their organization including revoking access. It also provides them with the ability to upload software binaries to the test environment and screenshots and other supporting artifacts required for support tickets. The GSS One Admin page is accessible only to PH engineers and is used for managing inventory, privileged user maintenance windows and account creation and JIT access and has dashboards for PH engineers to provide a centralized view of each environment. - GSS One Ticketing System: Project Hosts has configured a customer facing support portal for creating and managing support tickets. This allows customers to view all of their relevant tickets, create tickets, upload screenshots and communicate with PH staff through a secure channel. - GSS One Console: GSS One Console is a one stop shop for agency and CSP customers to view relevant information for their system and aid in implementing and maintaining ConMon requirements including a document repo for SSP and appendixes, POA&Ms and vulnerability scans, allows them to manage training, track incidents, track vulnerabilities and other corrective actions, track red teaming activities, view availability monitoring alerts, change control ticketing, link controls to artifacts and evidence to speed up ATO times, centralized up to date contact lists. There are two main types of customers who use the GSS One-AWS: (i) Independent Software Vendors (ISVs) deploying multitenant SaaS applications and (ii) Federal, state or local agencies deploying dedicated applications just for their agency or organization (not multitenant). For both types of customers, their applications are deployed on customer-dedicated virtual servers (or FedRAMP authorized AWS PaaS services) inside customer-dedicated subnets. VPC Firewall access controls ensure that each customer's subnet is completely isolated from and has no access to any other customer's subnet. For GSS One-AWS customers, Project Hosts also provides services that are over and above the PaaS offering described in the GSS One- AWS FedRAMP package and are provided by Project Hosts as a managed service provider for those workloads leveraging the FedRAMP authorized GSS1-AWS tools and services to provide that functionality. Namely, Project Hosts deploys, secures, manages, and provides continuous monitoring for applications that are compatible with the GSS One-AWS architecture, authentication, operating system, database, and access requirements. Many ISVs do not have the staff or knowledge to fully deploy a cloud workload, write security documentation, refactor the application to meet compliance requirements and work with agencies and the PMO to obtain a FedRAMP authorization which leads to wasted time, money, and resources both for government sponsors and the ISVs. Project Hosts works with these software vendors and agencies to quickly deploy the application to the cloud and build out and manage the system for the customers which includes acting as the security and compliance team for the application. In addition, Project Hosts works with these software vendors to document security controls, perform compliance reviews, perform disaster recovery, and advises the ISV on how refactor the application to meet FedRAMP requirements. Project Hosts security compliance team also performs monthly vulnerability scanning include ACAS scans, dynamic web app scans and container image scans and documents and tracks these findings in accordance with continuous monitoring requirements. Among other things the Project Hosts team also performs (for each customer deployed within the GSS1-AWS) monthly baseline compliance scanning, configuration management, patch and vulnerability management, malware prevention and intrusion prevention using HBSS software, incident response reporting, analysis, eradication, and recovery as well as all SOC review and analysis of audit logs and responding/investigating alerts for suspicious activity. Project Hosts deploys systems to monitor workloads for availability and performance issues and proactively take action to ensure maximum uptime and availability. Performing these functions on the ISVs’ behalf allows the software vendors to focus on their core business model in delivering a secure, highly functional application to the agency. For ISV customers, Project Hosts also creates their SaaS-level FedRAMP or DoD package, helps them throughout the agency authorization process, and manages their 3PAO annual assessments. For agency customers or DoD Mission partners, Project Hosts assists them in the creation of their own SSP, manages annual 3PAO scanning and penetration testing of their dedicated applications, and provides a monthly application-level POA&M. Following is a partial list of applications for which Project Hosts is providing these services over and above the GSS One-AWS platform: - San Luis Aviation, Inc. (ESChat) - FutureFeed (FutureFeed) - H20.ai (H20 AI Cloud) - JAMIS (JAMIS Prime) - Telcloud (Telcloud) - Caveonix (Caveonix SaaS Platform) If an agency would like to use one of these Applications or bring in another GSS One-AWS compatible Application, Project Hosts will provide application-level artifacts that will help the agency or mission partner assess the risk of deploying that application in the GSS1-AWS as well as any other documentation or evidence required in order to grant an Authority to Operate (ATO).

GSS One - Azure

FedRAMP In Process

GSS One-Azure (GSS1-AZ) is delivered as a hybrid offering using a multi-tenant PaaS cloud computing environment. It is available to both private and multitenant customers deployed per the agencies preference and agreements and can be utilized by the following audiences: the public, federal, DoD, state, local, and tribal governments, as well as research institutions, federal contractors, government contractors etc.)]. The Project Hosts “GSS1-AZ” PaaS is a Government Only General Support System (GSS) deployed on Azure Government. GSS1-AZ is composed of systems and services that manage access control, authentication, auditing, monitoring, scanning, patching, configuration management, malware prevention, intrusion prevention, incident response, backup, and disaster recovery for each application leveraging the GSS1-AZ. All of the systems that make up the GSS1-AZ and the Project Hosts engineers that administer the systems can be leveraged by any customers to meet the security requirements for their systems. There are three main SaaS components customers deployed on the GSS One-Azure system can leverage: - GSS One Portal/Admin Page: The GSS One Portal is a page where customer users and PH support can login to create and manage non privileged users for their organization including revoking access. It also provides them with the ability to upload software binaries to the test environment and screenshots and other supporting artifacts required for support tickets. The GSS One Admin page is accessible only to PH engineers and is used for managing inventory, privileged user maintenance windows and account creation and JIT access and has dashboards for PH engineers to provide a centralized view of each environment. - GSS One Console: GSS One- Console is a one stop shop for agency and CSP customers to view relevant information for their system and aid in implementing and maintaining ConMon requirements including a document repo for SSP and appendixes, POA&Ms and vulnerability scans, allows them to manage training, track incidents, track vulnerabilities and other corrective actions, track red teaming activities, view availability monitoring alerts, change control ticketing, link controls to artifacts and evidence to speed up ATO times, centralized up to date contact lists. - GSS One Ticketing System: Project Hosts has configured a customer-facing support portal for creating and managing support tickets. This allows customers to view all of their relevant tickets, create tickets, upload screenshots and communicate with PH staff through a secure channel. There are two main types of customers who use the GSS1-AZ: (i) Independent Software Vendors (ISVs) deploying multitenant SaaS applications and (ii) Federal, state, or local agencies deploying dedicated applications just for their agency or organization (not multitenant). For both types of customers, their applications are deployed on customer-dedicated virtual servers (or FedRAMP-authorized Azure PaaS services) inside customer-dedicated subnets. Network Security Group firewall access controls ensure that each customer's systems are completely isolated from and has no access to any other customer's subnet. For GSS1-AZ customers, Project Hosts also provides services that are over and above the PaaS offering described in the GSS1-AZ FedRAMP package. Namely, Project Hosts deploys, secures, manages, and provides continuous monitoring for applications that are compatible with the GSS1-AZ architecture, authentication, operating system, database, and access requirements. Many CSPs do not have the staff or knowledge to fully deploy a cloud workload, write security documentation, refactor the application to meet compliance requirements and work with agencies and the PMO to obtain a FedRAMP authorization which leads to wasted time, money, and resources both for government sponsors and the ISVs. Project Hosts works with these software vendors and agencies to quickly deploy the application to the cloud and build out and manage the system for the customers which includes acting as the security and compliance team for the application. In addition, Project Hosts works with these software vendors to document security controls, perform compliance reviews, perform disaster recovery, and advises the ISV on how refactor the application to meet FedRAMP requirements. Project Hosts security compliance team also performs monthly vulnerability scanning include ACAS scans, dynamic web app scans and container image scans and documents and tracks these findings in accordance with continuous monitoring requirements. Among other things the Project Hosts team also performs (for each customer deployed within the GSS1-AZ) monthly baseline compliance scanning, configuration management, patch and vulnerability management, malware prevention and intrusion prevention using HBSS software, incident response reporting, analysis, eradication, and recovery as well as all SOC review and analysis of audit logs and responding/investigating alerts for suspicious activity. Project Hosts deploys systems to monitor workloads for availability and performance issues and proactively take action to ensure maximum uptime and availability. Performing these functions on the ISVs’ behalf allows the software vendors to focus on their core business model in delivering a secure, highly functional application to the agency. For CSP customers, Project Hosts also creates their SaaS-level FedRAMP package, helps them throughout the agency authorization process, and manages their 3PAO annual assessments. For agency customers, Project Hosts assists them in the creation of their own SSP, manages annual 3PAO scanning and penetration testing of their dedicated applications, and provides a monthly application-level POA&M. Following is a partial list of applications for which Project Hosts is providing these services over and above the GSS One-Azure platform: 1E (1E Tachyon Platform) Archive360 (Archive2Azure) AvePoint (AvePoint Online Services for US Government) Aztec (Aztec Learning System) Bingli (Bingli) Blue Prism (Blue Prism) BrightWork (BrightWork SharePoint-based Project Management) Cardinal Engineering (ShockIQ) C3 AI (C3 AI Suite) Checkmarx (CxSAST Source Code Scanner) CTERA Networks (CTERA Edge Filer, CTERA Drive, CTERA Portal) Conga (Contract Lifecycle Management, X-Author and Conga Approvals) Creative Veteran Productions (Fed ILMS) Davra (WebEx Legislate, Internet of Things) Distributed Solutions Inc. (AEON) Drupal (Drupal CMS) Ephesoft (Transact) Feith Systems and Software Inc. (RMA iQ™) FlowVU (FlowVU Collaboration) Gimmal (Gimmal Records Management) Idea Entity (RhyBus Platform) Image Trend (Elite, Report Writer (RW), Continuum (CT), Licensure, Slate) Invoke (UiPath Orchestrator and RPA) Ivanti (MDM, Access, Neurons) Kofax (Control Suite, Kofax TotalAgility, Kofax Robotics Process Automation) Lexmark (Managed Print Service, Lexmark Print Management) LMI (ATLAS by LMI) Librestream Technology (Onsight Now) Microsoft (Office, Dynamics, Power BI Server, Project Server, SharePoint, SSRS) NIBS/ OM Group Inc. (ProjNet™) Nintex (K2 Five, Workflow Cloud) Nintex (Nintex Automation GE Platform) Nuance (Dragon Suite, DAX CoPilot) OneSpan (OneSpan Sign) Orbus Software (OrbusINFINITY) Permuta (Defense Ready) Power Settlements Consulting and Software, LLC (PowerCore™) ProSymmetry Quest Software, Inc. (On Demand Solution, Security Guardian, Disaster Recovery for Identities) Relocation Management Worldwide (Virtual Employee Network) Synergist Technology, LLC (AFFIRM Solution for AI Compliance, SAS® VIYA®) UMT360 (SharePoint-based Enterprise Portfolio Management) Veritas (eVault, eDiscovery, Merge1) Wellspring (Accolade Enterprise Innovation Management, Sophia) WillCo Tech (CyberSTAR™) WordPress (WordPress CMS) WordPress As a Service (WPaaS) If an agency would like to use one of these Applications or bring in another GSS One-Azure-compatible Application, Project Hosts will provide application-level artifacts that will help the agency assess the risk of deploying that application in the GSS One-Azure as well as any other documentation or evidence required in order to grant an Authority to Operate (ATO).

GSS One - Azure

FedRAMP Authorized

GSS One-Azure (GSS1-AZ) is delivered as a hybrid offering using a multi-tenant PaaS cloud computing environment. It is available to both private and multitenant customers deployed per the agencies preference and agreements and can be utilized by the following audiences: the public, federal, DoD, state, local, and tribal governments, as well as research institutions, federal contractors, government contractors etc.)]. The Project Hosts “GSS1-AZ” PaaS is a Government Only General Support System (GSS) deployed on Azure Government. GSS1-AZ is composed of systems and services that manage access control, authentication, auditing, monitoring, scanning, patching, configuration management, malware prevention, intrusion prevention, incident response, backup, and disaster recovery for each application leveraging the GSS1-AZ. All of the systems that make up the GSS1-AZ and the Project Hosts engineers that administer the systems can be leveraged by any customers to meet the security requirements for their systems. There are three main SaaS components customers deployed on the GSS One-Azure system can leverage: - GSS One Portal/Admin Page: The GSS One Portal is a page where customer users and PH support can login to create and manage non privileged users for their organization including revoking access. It also provides them with the ability to upload software binaries to the test environment and screenshots and other supporting artifacts required for support tickets. The GSS One Admin page is accessible only to PH engineers and is used for managing inventory, privileged user maintenance windows and account creation and JIT access and has dashboards for PH engineers to provide a centralized view of each environment. - GSS One Console: GSS One- Console is a one stop shop for agency and CSP customers to view relevant information for their system and aid in implementing and maintaining ConMon requirements including a document repo for SSP and appendixes, POA&Ms and vulnerability scans, allows them to manage training, track incidents, track vulnerabilities and other corrective actions, track red teaming activities, view availability monitoring alerts, change control ticketing, link controls to artifacts and evidence to speed up ATO times, centralized up to date contact lists. - GSS One Ticketing System: Project Hosts has configured a customer-facing support portal for creating and managing support tickets. This allows customers to view all of their relevant tickets, create tickets, upload screenshots and communicate with PH staff through a secure channel. There are two main types of customers who use the GSS1-AZ: (i) Independent Software Vendors (ISVs) deploying multitenant SaaS applications and (ii) Federal, state, or local agencies deploying dedicated applications just for their agency or organization (not multitenant). For both types of customers, their applications are deployed on customer-dedicated virtual servers (or FedRAMP-authorized Azure PaaS services) inside customer-dedicated subnets. Network Security Group firewall access controls ensure that each customer's systems are completely isolated from and has no access to any other customer's subnet. For GSS1-AZ customers, Project Hosts also provides services that are over and above the PaaS offering described in the GSS1-AZ FedRAMP package. Namely, Project Hosts deploys, secures, manages, and provides continuous monitoring for applications that are compatible with the GSS1-AZ architecture, authentication, operating system, database, and access requirements. Many CSPs do not have the staff or knowledge to fully deploy a cloud workload, write security documentation, refactor the application to meet compliance requirements and work with agencies and the PMO to obtain a FedRAMP authorization which leads to wasted time, money, and resources both for government sponsors and the ISVs. Project Hosts works with these software vendors and agencies to quickly deploy the application to the cloud and build out and manage the system for the customers which includes acting as the security and compliance team for the application. In addition, Project Hosts works with these software vendors to document security controls, perform compliance reviews, perform disaster recovery, and advises the ISV on how refactor the application to meet FedRAMP requirements. Project Hosts security compliance team also performs monthly vulnerability scanning include ACAS scans, dynamic web app scans and container image scans and documents and tracks these findings in accordance with continuous monitoring requirements. Among other things the Project Hosts team also performs (for each customer deployed within the GSS1-AZ) monthly baseline compliance scanning, configuration management, patch and vulnerability management, malware prevention and intrusion prevention using HBSS software, incident response reporting, analysis, eradication, and recovery as well as all SOC review and analysis of audit logs and responding/investigating alerts for suspicious activity. Project Hosts deploys systems to monitor workloads for availability and performance issues and proactively take action to ensure maximum uptime and availability. Performing these functions on the ISVs’ behalf allows the software vendors to focus on their core business model in delivering a secure, highly functional application to the agency. For CSP customers, Project Hosts also creates their SaaS-level FedRAMP package, helps them throughout the agency authorization process, and manages their 3PAO annual assessments. For agency customers, Project Hosts assists them in the creation of their own SSP, manages annual 3PAO scanning and penetration testing of their dedicated applications, and provides a monthly application-level POA&M. Following is a partial list of applications for which Project Hosts is providing these services over and above the GSS One-Azure platform: 1E (1E Tachyon Platform) Archive360 (Archive2Azure) AvePoint (AvePoint Online Services for US Government) Aztec (Aztec Learning System) Bingli (Bingli) Blue Prism (Blue Prism) BrightWork (BrightWork SharePoint-based Project Management) Cardinal Engineering (ShockIQ) C3 AI (C3 AI Suite) Checkmarx (CxSAST Source Code Scanner) CTERA Networks (CTERA Edge Filer, CTERA Drive, CTERA Portal) Conga (Contract Lifecycle Management, X-Author and Conga Approvals) Creative Veteran Productions (Fed ILMS) Davra (WebEx Legislate, Internet of Things) Distributed Solutions Inc. (AEON) Drupal (Drupal CMS) Ephesoft (Transact) Feith Systems and Software Inc. (RMA iQ™) FlowVU (FlowVU Collaboration) Gimmal (Gimmal Records Management) Idea Entity (RhyBus Platform) Image Trend (Elite, Report Writer (RW), Continuum (CT), Licensure, Slate) Invoke (UiPath Orchestrator and RPA) Ivanti (MDM, Access, Neurons) Kofax (Control Suite, Kofax TotalAgility, Kofax Robotics Process Automation) Lexmark (Managed Print Service, Lexmark Print Management) LMI (ATLAS by LMI) Librestream Technology (Onsight Now) Microsoft (Office, Dynamics, Power BI Server, Project Server, SharePoint, SSRS) NIBS/ OM Group Inc. (ProjNet™) Nintex (K2 Five, Workflow Cloud) Nintex (Nintex Automation GE Platform) Nuance (Dragon Suite, DAX CoPilot) OneSpan (OneSpan Sign) Orbus Software (OrbusINFINITY) Permuta (Defense Ready) Power Settlements Consulting and Software, LLC (PowerCore™) ProSymmetry Quest Software, Inc. (On Demand Solution, Security Guardian, Disaster Recovery for Identities) Relocation Management Worldwide (Virtual Employee Network) Synergist Technology, LLC (AFFIRM Solution for AI Compliance, SAS® VIYA®) UMT360 (SharePoint-based Enterprise Portfolio Management) Veritas (eVault, eDiscovery, Merge1) Wellspring (Accolade Enterprise Innovation Management, Sophia) WillCo Tech (CyberSTAR™) WordPress (WordPress CMS) WordPress As a Service (WPaaS) If an agency would like to use one of these Applications or bring in another GSS One-Azure-compatible Application, Project Hosts will provide application-level artifacts that will help the agency assess the risk of deploying that application in the GSS One-Azure as well as any other documentation or evidence required in order to grant an Authority to Operate (ATO).

ProjectTeam for Government (Construction Project and Program Management)

FedRAMP Authorized

Proofpoint Targeted Attack Protection

FedRAMP Authorized

Proofpoint Email and Information Protection Service

FedRAMP Authorized

Proofpoint Email Archive

FedRAMP Authorized

PTC Cloud Services

FedRAMP Authorized

PTC ServiceMax Federal

PTC ServiceMax Federal is delivered as a Software as a Service (SaaS) model using multi-tenant AWS Commercial Cloud deployment for underlying infrastructure. The ServiceMax tool allows customers to manage assets, track field operations, and deploy field technicians. ServiceMax has a core offering that when purchased gives customers access to additional supporting applications. The ServiceMax Core product is listed on the Salesforce Marketplace (AppExchange). If a customer wants to purchase the product, they contact PTC and sign a contract. After signing the contract, PTC provisions a license for the customer through the Salesforce license management tools. Customers manage the configuration and access of the ServiceMax tools once purchased. The ServiceMax package includes the following applications: • ServiceMax Core Application – Application offered through the Salesforce Marketplace. Customers purchase the application which is hosted on Salesforce infrastructure. The Core application allows customers to manage assets and boost productivity for field service activities. The application allows technicians to perform services, dispatch technicians to the field, manage contracts, and fill out forms. This is the only service not hosted in AWS. The databases underlying ServiceMax Core are managed by the customer, hosted in their Salesforce tenant. • Go Mobile Application – The Go Mobile App is a mobile version of the ServiceMax Core. It allows technicians in the field to have access to assets and documentation, as well as schedule appointments. The Go Mobile Application is part of the Core product license purchased by the customer. Go Mobile talks to the Sync Gateway and Notification Service backend, hosted in AWS. • Go Console Application – Go Console is a multi-tenant application hosted in AWS that serves as the customer administrator console for the Go Application. Go Console ensures endpoints are running the correct version of the Go mobile application and pushes configurations. It is deployed on a Kubernetes cluster. There are multiple instances for Go Console. The Go Console is part of the Core product license purchased by the customer. • Notification Services Application – Notification Services is hosted in AWS and serves as a customer administrator backed service to support mobile push notifications. • Configurator Application – Configurator is hosted in AWS and helps customer set up ServiceMax Core. It is an optional tool the customer can use to streamline Salesforce configuration management. • Migrator Application – Migrator is hosted in AWS and is an optional service allowing customers to migrate configurations to the ServiceMax Core application. Once the migration is complete, customers receive an email notification that the task is completed. • Data Guide Application – Data Guide is static content hosted in an AWS S3 bucket. If a field agent has a form that a customer needs to fill out the ServiceMax applications will pull the templates from the S3 bucket.

Bibliovation/Knowvation

FedRAMP In Process

TRAIN Learning Network

FedRAMP Authorized

FedRAMP Authorized

Qlik Cloud Government

FedRAMP Authorized

S.M.A.R.T. - Federal Editions

FedRAMP Authorized

Qualtrics XM Platform

FedRAMP Authorized

Qualtrics XM Platform - High

FedRAMP In Process

Qualys Cloud Platform

FedRAMP Authorized

Qualys Government Platform

FedRAMP In Process

Qualys Government Platform (QGP) consists of a suite of Information Technology (IT) security and compliance solutions delivered via a SaaS deployment model that leverages a highly scalable multi-tenant cloud infrastructure. The below services are part of the QGP platform - Vulnerability Management, Detection, and Response (VMDR) service enables customers to discover, assess, prioritize, and patch critical vulnerabilities and misconfigurations in near real-time and across your global hybrid-IT landscape all-in-one subscription. Policy Compliance (PC) service provides the ability to run compliance scans and create compliance reports on hosts (IP addresses) that have been added to the Policy Compliance account. File Integrity Monitoring (FIM) service enables monitoring critical files, directories, and registry paths for changes in near real-time, and helps adhere to compliance mandates such as FedRAMP. Container Security (CS) service provides discovery, tracking, and continuously protecting container environments. Addresses vulnerability management for images and containers in their DevOps pipeline and deployments across cloud and on-premises environments. Certificate View (CertView) service provides a comprehensive view of all the SSL/TLS certificates across the enterprise and cloud-hosted assets. CyberSecurity Asset Management (CSAM) service continuously gathers information on all assets, listing systems and hardware details, running services, open ports, installed software and user accounts. Asset discovery and inventory collection is done through a combination of Qualys Sensors, which together can collect comprehensive data from across on-premises or cloud infrastructure as well as remote endpoints. Web Application Scanning (WAS) service enables organisation's to assess, track and remediate web application vulnerabilities to keep their web applications secure. Patch Management (PM) service is used to patch and apply post-patch configuration changes to operating systems, mobile devices, and 3rd-party applications from a large variety of vendors, all from a central dashboard.

Questionmark Government

FedRAMP Authorized

The Questionmark Government service is an online assessment platform providing the ability to author, deliver and report on tests, quizzes, surveys, and exams. Questionmark Government can be used for training, certification, advancement, channel expertise, competency measurement, compliance, and workforce learning. United States Federal, State and Local government agencies and their contractors can safely and securely use our powerful tool for creating, delivering, and reporting on assessments. Questionmark Government is hosted in US-based, FedRAMP-authorized data centers used by US government agencies and their service contractors. Our service is targeted for data up to DoD Impact Level 4. Questionmark Government operates the Software-as-a-Service (SaaS). It includes provisioning and scaling; and maintenance of operating systems and software to ensure sufficient bandwidth and performance, upgrades, and secure backups. Questionmark is widely used by Government, Awarding Bodies, Utilities, Manufacturing and Public Sectors. For more information about Questionmark Government, please see: https://www.questionmark.com/use-cases/government/ **Features** * A government-specific online platform that is FedRAMP authorized and designed to support your special requirements * Comprehensive item banking with easy search functionality * Delivery of assessments via browser, secure browser, mobile devices and paper * Incorporates a robust reporting and analytics suite * Provides a collaborative authoring environment complete with version tracking and roll-back features * Author once then deliver to multiple devices simultaneously * Includes accessibility features such as text sizing and contrast controls * Available in 36 different languages * A secure and robust SaaS provided by a company that is ISO 27001:2022 certified * A scalable, flexible solution that can be rapidly deployed * Robust availability: 99.9%+ uptime **Benefits** * Easily create and deliver certification assessments and advancement exams * Easily create and deliver post-course tests for distance learning * Easily create, deliver, and report on surveys and course evaluations * Provides tracking changes to questions for legal defensibility * Blended delivery allows mobile/onsite workers to take assessments * Provides observational assessments to allow measuring performance on practical tasks * Create valid and reliable assessments to make trustworthy decisions * Author and deliver assessments that document training and understanding for compliance purposes * Improve test validity by running job task analysis surveys * Assess skills of technical staff, engineers, and equipment maintainers

Quzara Cybertorch (SOC-as-a-Service)

FedRAMP Authorized

Rackspace Government Cloud

FedRAMP Authorized

InsightGovCloud

FedRAMP In Process

Rave Safety Platform

FedRAMP Authorized

American Heart Association Precision Medicine Platform (AHA-PMP)

FedRAMP Authorized

FedRAMP Authorized

Rectitude 369 Government Cloud (Formerly GDT)

FedRAMP Authorized

Red Hat OpenShift Service on AWS (ROSA)

FedRAMP Authorized

FedRAMP In Process

RegScale FedRAMP High Baseline Security Plan is delivered as PaaS offering using a multi-tenant Public Cloud computing environment. RegScale is a next-generation Governance, Risk and Compliance (GRC) tool on Microsoft Azure, now referred to be Gartner as a Continuous Compliance Automation tool, that is a Software as a Service (SaaS) offering that enables organizations to automate and speed up the process of managing cyber security programs such as FISMA, FedRAMP, CMMC, PCI, HIPAA, NERC/CIP, and many others. RegScale helps organizations to solve their most difficult compliance challenges by allowing customers, based on API integrations, to manage their controls and upload their evidence documentation, perform system assessments, maintain their certifications and authorizations in a single platform (“Single Pane of Glass”), and keep everything updated in near real-time with automation. RegScale ensures that security and privacy-related controls are adequately identified, implemented, and maintained across the System Development Lifecycle (SDLC) for systems, applications, services, processes, and other initiatives. RegScale establishes and maintains customer information assurance capability with the ability to perform Control Validation Testing (CVT) to ensure appropriate controls are operational and risks are managed, prior to the system, application or service being put into production. RegScale is a major application for most large organizations but is not typically considered mission critical. RegScale is a modern cloud-native application that is built to scale using Docker containers which are micro-segmented and orchestrated using Microsoft Azure services. It is designed to be hosted in any environment and configuration is done securely at run-time by injecting environmental variables. The application can be downloaded and installed at any time from our Docker Hub Repository to support on-premises deployment. It is secured with unique customer keys, scales in real-time using serverless technologies, and can be deployed anywhere (laptop/desktop, on-premises, Kubernetes, or cloud (we currently support AWS, Azure, and Google). All our SaaS infrastructure resides within Microsoft Azure commercial cloud.

RelativityOne Government

FedRAMP Authorized

Relias Platform

FedRAMP In Process

Virtual Employee Network (VEN)

FedRAMP Authorized

Formed in 2002 for the government to be compliant with the FEAFA (Federal Enterprise Architecture Framework Act), the RMW - Virtual Employee Network (VEN) system utilizes the most advanced relocation technology in the relocation industry. VEN is a modular, flexible, stable, and highly secure system that supports all critical relocation functions and end-to-end PCS (Permanent Change of Station) software from obligation, de-obligation to financial system interfaces. RMW continues to develop technology tools based on anticipated client needs and customer input in addition to changes in legislation (i.e. 2017 tax cuts and jobs act). RMW IT professionals have built intuitive solutions into a fully comprehensive web-based platform. Users have 24/7 access to the system, which is scalable to meet an Agency's information needs. The user friendly PCS Travel Voucher submissions are initiated by the employee via VEN through an automated work flow controlled by the Agency. E-signature documents are digitally signed that complies with the strictest legal regulations and highest level of assurance of a signer's identity. VEN provides greater flexibility, capability, and protection of sensitive employee data than other systems. - Fully automates expenses, policy, and suppliers so teams can focus on what is most important, "the Agency's mission". - Fully automates all Federal regulations and laws pertaining to employee relocation. - New appointees, retirees, and transferees can access, enter, and submit PCS expenses, all while the Agency reviews or rejects, approves, certifies, and runs real-time reports. - Real-time information directly from suppliers with work-flows that ensure data integrity for much faster processing of data, documents, vouchers, and invoices, all with complete transparency. - Integration of Agency's specific documents completed by transferees with PIV card (Personal Identity Verification smart card) authentication of a digital signature. - All aspects of the system are digital and accomplished online by Agency staff and relocating employees. VEN assists Agencies on complying with the Paper Reduction Act and Green Initiatives.

Repario Government Solutions (RGS)

FedRAMP Authorized

Rescale ScaleX Government

FedRAMP Authorized

Rescale ScaleX Government is mission-ready secure supercomputing. Rescale's multi-cloud HPC-as-a-Service provides an intuitive, centralized, and automated platform for US government agencies and customers supporting the US government to operate sensitive workloads in the cloud. In addition to complying with FedRAMP requirements, Rescale adheres to critical compliance standards including: • U.S. International Traffic in Arms Regulations (ITAR) • Defense Federal Acquisition Regulation Supplement (DFARS) • Cloud Security Alliance (CSA) • Health Insurance Portability and Accountability Act (HIPAA) • American Institute of CPAs: Service Organization Control (AICPA SOC2) Additional information is available at https://rescale.com/solutions/by-industry/government/ Rescale’s HPC-as-a-Service platform provides automated, on-demand access to a wide variety of the latest hardware architectures to meet any specialized HPC needs (CPUs, GPUs, memory, storage, and networking). An easy-to-use console provides a range of tools to help government agencies balance flexibility, cost savings, and processing speed to set up the right HPC cloud service for their needs. The Rescale platform also provides an on-demand portfolio of leading engineering, scientific, and research applications that are pre-installed, secure, and ready to go. This includes commercial, open source, and government-protected applications. Users can also bring their own software. Rescale ScaleX Government supports a variety of computationally intensive use cases and applications including: • High Performance Computing (HPC) • High-Throughput Computing (HTC) • Artificial Intelligence (AI) • Machine Learning (ML) • Modeling and Simulation • Digital Engineering: Research and Development (R&D) • Computer-Aided Engineering (CAE) • Computational Fluid Dynamics (CFD) • Multi-Disciplinary Design Optimization (MDO) With Rescale, HPC operations are automated on a single pane of glass, making it simple for engineers and scientists to harness the most advanced software, computing, and AI architectures for cutting-edge simulation and mission execution. For IT, the Rescale platform provides a centralized, policy-driven automation to assure security, budgetary controls, and comprehensive visibility into all HPC operations, including sophisticated licensing and cloud usage management. Policy-based financial and architectural dashboards streamline workflows and configuration tasks, ensuring greater productivity and cost-efficiencies. By simplifying the complexity of managing on-premises and multi-cloud HPC, the Rescale ScaleX Government platform helps government agencies tap into dynamic cloud HPC services to accelerate their innovation efforts and support their big compute initiatives.

IRBNet on GovCloud

FedRAMP Authorized

IRBNet's powerful suite of web-based, Software as a Service (SaaS) research compliance solutions provide electronic submission, collaboration and workflow tools that currently serve thousands of research institutions, compliance boards and sponsors, and hundreds of thousands of users, across IRBNet's National Research Network (commercial) and IRBNet on GovCloud (government). IRBNet research compliance solutions support institutions of any size, and currently serve hospitals and hospital networks, universities and academic research institutions, and federal and state agencies. IRBNet’s secure suite of tools is accessible anywhere, anytime, supporting real-time collaboration between investigators and institutions anywhere in the world, helping to streamline compliance workflow, reduce review and approval cycle times, reduce errors and non-compliance, increase staff efficiency, and improve audit trails and record keeping. IRBNet's tools are fully integrated and configurable, and support all institutional compliance offices, investigators and board members, including: - Institutional Review Boards (IRB) - Institutional Biosafety Committees (IBC) - Institutional Animal Care and Use Committees (IACUC) - Research & Development Committees - Radiation Safety Committees - Scientific Review Committees - Conflict of Interest (COI) and other specialty committees IRBNet provides the following core features to support local Agency mission needs and critical business functions, supporting compliance boards and researchers throughout the entire lifecycle of the research review and compliance process: - Project assembly, documentation and team collaboration - Electronic submissions - Routing, tracking and alerting tools for committee member review - Tracking of committee member comments and pre-reviews prior to meetings - Cross-institutional collaboration and communication tools - Custom Form Wizards to improve guidance and document quality (application forms, etc.) - Tracking of researcher and committee training and credentials - Multi-Site studies - Instant notification of study approval and other key events - Automated continuing review alerts - Quality control and pre-review tools - Agenda and Minutes Builders - Personalized Approval Letter and Correspondence Wizards - Document version control and history - Multi-board workflow management - Audit and oversight functions IRBNet also provides the following optional integration features to meet Agency mission needs: - IRBNet provides an optional connection to the WCG IRB for commercial IRB review services. This service allows Agencies to seamlessly send research studies for commercial IRB approval, and receive back approval documentation such as Approval Letters, while maintaining oversight of the complete research portfolio (both internal and external). - IRBNet provides an optional connection to external training sources, such as Agency training systems or the national CITI program, to pull training information for researchers and committee members so that this information is readily available during compliance and review processes. - IRBNet provides an optional Single Sign-On federated authentication capability for Agency authentication frameworks such as PIV/CAC, to provide seamless access to Agency users. IRBNet on GovCloud is the Government Community Cloud offering of the IRBNet SaaS. IRBNet on GovCloud is hosted in multiple availability zones within the Amazon Web Services (AWS) FedRAMP-authorized GovCloud Infrastructure as a Service / Platform as a Service (IaaS/PaaS). All AWS GovCloud data centers are within the Continental United States (CONUS). IRBNet on GovCloud is managed by Research Dataware LLC., an operating unit of WCG Clinical, Inc. (WCG). WCG is the world’s leading provider of solutions that measurably improve the quality and efficiency of clinical research.

RingMD Telemedicine

FedRAMP In Process

FedRAMP Authorized

RSA® ID Plus for Government

FedRAMP Authorized

Rubrik Security Cloud - Government (RSC-G)

FedRAMP Authorized

SailPoint Identity Security Cloud

FedRAMP Authorized

Salesforce Government Cloud Plus

FedRAMP Authorized

FedRAMP In Process

DoD Cloud Intelligent Enterprise – DD-CIE

FedRAMP Authorized

The SAP NS2 Secure Node SuccessFactors Suite – DOD (SNSFS) is a secure cloud environment that hosts the following suite of SAP cloud solutions: SAP SuccessFactors, SAP Employee Central Payroll, Integrated Business Planning (IBP) and SAP S/4HANA Cloud, private edition (PCE). SAP SuccessFactors is an enterprise human resources and people management SaaS solution. SAP SuccessFactors delivers business results by driving business alignment, optimizing people performance, and building connections within organizations. SAP SuccessFactors provides a comprehensive suite of applications that improve executive insight and decision-making while ensuring the right people with the right skills are doing the right work. SAP SuccessFactors includes: Learning, Performance & Goals, Succession & Development, Compensation, Recruiting, Onboarding, Workforce Planning, Workforce Analytics & Reporting, and Employee Central Payroll. Employee Central Payroll is an industry-based payroll engine that seamlessly integrates into the core HR system. Benefits include: Enhanced Disaster Recovery/High Availability, U.S. Federal and Critical Infrastructure compliance, and NS2 U.S. Persons Operation & Support. The SAP Integrated Business Planning (IBP) offering is a fully integrated solution that provides organizations the ability to make optimal, responsive, and strategic decisions affecting their supply chains. Powered by SAP HANA, this cloud-based solution combines sales and operations planning (S&OP), forecasting and demand planning, response and supply planning, demand-driven replenishment, and inventory optimization. IBP provides automated, tightly coordinated supply chain planning processes, advanced machine learning algorithms, and native integration with SAP Supply Chain Control Tower and other solutions. IBP facilitates increased forecast accuracy, reduced inventories and overall supply chain costs and improved customer service. SAP S/4HANA Private Cloud Edition (PCE) is an enterprise resource planning cloud application that includes support, infrastructure management, and technical managed services within a single SaaS solution. This offering provides a path for an accelerated, integrated, and tailored cloud transformation with a priority on safeguarding critical applications and data. Our solutions include S/4HANA, SAP ERP, BW on HANA, BW/4HANA, SAP Landscape Transformation (SLT), Process Orchestration (PO), Data Services, Fiori Hub, Convergent Charging, NetWeaver ABAP, Manufacturing Integration & Intelligence, BusinessObjects, SAP Access Control, SAP IQ Cold Store Cloud, SAP Information Lifecycle Management, Solution Manager, SAP Extended Warehouse Management, BW NetWeaver Java Server, Content Server, Single Sign-On and HANA Enterprise Edition.

SAP NS2 Cloud Intelligent Enterprise

FedRAMP Authorized

The SAP NS2 Cloud Intelligent Enterprise (CIE) is a secure cloud environment that hosts the following suite of SAP cloud solutions: SAP SuccessFactors, SAP Employee Central Payroll, SAP Analytics Cloud, SAP Business Technology Platform and SAP S/4HANA Cloud, private edition. Within the CIE cloud environment, government agencies can safely adopt and deploy SAP cloud solutions under our secured, automated cloud model. SAP NS2 offers customers enhanced security, availability, compliance, and support to help deliver a mission-critical edge. Our innovative solutions address critical processes and operations within the cloud that expand across multiple lines of business. Our intelligent suite includes applications for connecting data from disparate sources, operational transactions, HR and people management, analytics, and other key business capabilities. Applications are integration-ready, include both Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) solutions, have embedded intelligence, and offer a consistent and intuitive user interface. SAP SuccessFactors is an enterprise human resources and people management SaaS solution. SAP SuccessFactors delivers business results by driving business alignment, optimizing people performance, and building connections within organizations. SAP SuccessFactors provides a comprehensive suite of applications that improve executive insight and decision-making while ensuring the right people with the right skills are doing the right work. SAP SuccessFactors includes: Learning, Performance & Goals, Succession & Development, Compensation, Recruiting, Onboarding, Workforce Planning, Workforce Analytics & Reporting, and Employee Central Payroll. Employee Central Payroll is an industry-based payroll engine that seamlessly integrates into the core HR system. Benefits include: Enhanced Disaster Recovery/High Availability, U.S. Federal and Critical Infrastructure compliance, and NS2 U.S. Persons Operation & Support. SAP Analytics Cloud (SAC) is a business intelligence platform SaaS solution. SAC connects people, information, and ideas to enable fast and confident decision making. With SAC machine learning and embedded artificial intelligence, one solution allows you to discover, analyze, plan, and predict across all devices. In addition, SAC allows you to make end-to-end decisions with data management and analytics. SAC scales to meet the needs of your organization and diverse users across all decision types (strategic, operational, and tactical). SAP Business Technology Platform (BTP) is a PaaS solution that allows users to extend and personalize their SAP applications or integrate and connect entire landscapes. SAP BTP helps achieve agility, business value, and continuous innovation through integration, data to value, and extensibility. Organizations can implement their goals with the flexibility to build, manage, and deploy new applications. SAP BTP also connects data and business processes within one, integrated platform. SAP BTP is the secure core that integrates and extends the SAP NS2 Cloud portfolio. SAP S/4HANA Private Cloud Edition (PCE) is an enterprise resource planning cloud application that includes support, infrastructure management, and technical managed services within a single SaaS solution. This offering provides a path for an accelerated, integrated, and tailored cloud transformation with a priority on safeguarding critical applications and data. Our solutions include S/4HANA, SAP ERP, BW on HANA, BW/4HANA, SAP Landscape Transformation (SLT), Process Orchestration (PO), Data Services, Fiori Hub, Convergent Charging, NetWeaver ABAP, Manufacturing Integration & Intelligence, BusinessObjects, SAP Access Control, SAP IQ Cold Store Cloud, SAP Information Lifecycle Management, Solution Manager, SAP Extended Warehouse Management, BW NetWeaver Java Server, Content Server, Single Sign-On and HANA Enterprise Edition.

SAS AI and Analytics for Government on FedRAMP

FedRAMP Authorized

Saviynt Enterprise Identity Cloud (EIC)

FedRAMP Authorized

Scale AI Data Platform

FedRAMP Authorized

ScienceLogic Government Cloud

FedRAMP Authorized

FedRAMP In Process

Gobo Framework (Gobo)

FedRAMP Authorized

Security Control Cloud Software Platform (SCCP)

SecurityScorecard Security Ratings

SentiLink is delivered as a SaaS offering using a multi-tenant public cloud computing environment. It is available to financial institutions and fintech companies, federal, state, local, and tribal governments, as well as research institutions, federal contractors, and government contractors. SentiLink Corp. is a software-as-a-service financial technology company headquartered in San Francisco, California. It provides fraud detection and prevention services to financial institutions in the United States. Synthetic Fraud Scores SentiLink’s Synthetic Fraud Scores solution helps entities stop hard-to-detect synthetic identities in real-time. The Synthetic Fraud Scores product scores applications from 0 (low risk) to 999 (high risk). Three scores are provided on every identity: a composite score, a first-party synthetic score, and a third-party synthetic score. These scores are defined as follows: First-party synthetic score: the likelihood that the identity is first-party synthetic fraud Third-party synthetic score: the likelihood that the identity is third-party synthetic fraud Abuse score: the likelihood that the identity is associated with synthetic fraud or other related fraud risks ID Theft Scores SentiLink’s ID Theft Scores solution determines the likelihood that someone is using stolen credentials to open an account. The solution provides a score between 0 and 999. The higher the score, the higher the likelihood of ID theft. ID Theft Scores are provided via an application programming interface (API) or a user dashboard, and a single API call can be used for both ID Theft Scores and Synthetic Fraud Scores. First-Party Fraud Flags The First-Party Fraud Flags solution allows customers to determine whether an applicant possesses characteristics indicative of identity-related fraud. The model incorporates geographic and fraud alert data related to applicants and other consumers. Manifest Manifest allows customers to identify duplicate data sets in their data portfolios. Customers provide SentiLink with consumer personally identifiable information (PII), and SentiLink assigns each set of PII a unique ID. Customers send SentiLink consumer PII, such as consumer names, dates of birth, Social Security numbers (SSNs), addresses, phone numbers, and email. SentiLink compares the PII to the established unique IDs to identify matches. Insights The Insights solution is a Know Your Customer (KYC) product designed to satisfy Customer Identification Program (CIP) obligations. Insights allow customers to uncover additional intelligence regarding PII and the risks associated with that PII, which facilitates investigation and remediation. Dashboard The Dashboard facilitates customer analysis of applicant information and SentiLink-licensed associated information to determine whether an applicant’s identity is legitimate. It allows customers to access SentiLink’s proprietary user interface to conduct further analysis and request further information regarding specific applications for fraud detection. eCBSV As part of the electronic Consent Based Social Security Number Verification (eCBSV) subscription, SentiLink submits eCBSV requests on behalf of permitted entities. eCBSV subscription services are provided via API or through a user interface. ID Complete ID Complete is designed to resolve missing or incomplete identity fields, such as dates of birth or SSNs, and suggest alternative information where applicable. Data suggestions are derived from customer data and SentiLink supplied data through SentiLink’s proprietary matching logic. The organization accepts data files from Experian. KYC Watchlist Checks The KYC Watchlist Checks service allows customers to compare applicants to various government sanctions lists including, but not limited to, the Office of Foreign Assets Control (OFAC), Politically Exposed Persons (PEPs), United Nations Security Council, and the US Department of State watchlists. SentiLink Corp.’s (SentiLink’s) technology helps its customers combat fraud, a crime in which fake identities are created and used to defraud financial institutions and government agencies. SentiLink equips users with the tools needed to visualize and prevent fraud in any domain, whether money laundering, contractor fraud, synthetic identities, first-party fraud, or classic third-party stolen identities. The organization offers the solutions below that help banks, lenders, credit unions, financial technology entities, insurance companies, and telecommunication companies prevent fraud.

SentinelOne Singularity Platform High

FedRAMP Authorized

The SentinelOne Singularity platform is a unified, cloud-delivered security platform that provides customers with automation, endpoint detection and response and security information and event management (SIEM) capabilities integrated with a unified data lake to ingest and centralize structured and unstructured data. SentinelOne leverages advanced machine learning algorithms and behavioral AI to analyze and automatically contextualize endpoint data collected across Windows, macOS, Linux, and Cloud Workloads. Data is contextualized and correlated into our patented Storylines technology, which accelerates triage and reduces mean time to detect/respond. Data is organized into a cohesive threat narrative which allows analysts to easily identify threat-related events as well as pivot and hunt to scope threat tactics, techniques, and impact. This gives our customers the ability to quickly stop ransomware and cyber attacks at machine speed with 1-click automated remediation and rollback of malicious activities and changes. Additionally, SentinelOne offers world-class managed detection and response (MDR), digital forensics and incident response (DFIR), and threat hunting services. Our MDR service not only augments security teams by triaging active or suspicious alerts and mitigating and blocking threats as needed, but also keeps them informed and protected from global advanced persistent threat (APT) campaigns, novel attacker techniques, and emerging trends in cybercrime with included threat hunting services. Customers can also call on SentinelOne’s integrated DFIR team for deeper forensic analysis of an event and assistance with incident response. The following SentinelOne Singularity Platform services are FedRAMP High Authorized: -Cloud Funnel -Cloud Workload Protection (CWP) -Digital Forensics & Incident Response (DFIR) services -Endpoint Detection and Response (EDR) -Endpoint Protection Platform (EPP) -Extended Detection and Response (XDR) -Purple AI Foundations for Public Sector -RemoteOps and RemoteOps Forensics -SentineOne Agent (Windows, macOS, Linux, and cloud-native Kubernetes) -SentinelOne Management Console -Singularity Data Lake -Singularity Marketplace -Singularity Network Discovery -Singularity Operations Center (OpsCenter) -Singularity Threat Intelligence -Singularity Vulnerability Management -Vigilance Managed Detection and Response (MDR) services -WatchTower and WatchTower Pro Threat Hunting services

Government Community Cloud

FedRAMP Authorized

Seven Bridges Platform

FedRAMP Authorized

EVGateway Digital Environment (EDE)

FedRAMP In Process

FedRAMP Authorized

Mendix Cloud for Government

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Skyhigh Security Service Edge (SSE) Government Cloud Services (Cloud Access Security Broker (CASB) & Secure Web Gateway (SWG) for Cloud) (Formerly McAfee MVISION)

FedRAMP Authorized

Skyhigh Security Service Edge (SSE) GovCloud, a FedRAMP authorized zero trust, cloud-native security platform, provides federal agencies in the US Government with secure, fast direct-to-internet access to all websites, email, Software-as-a-Service (SaaS) applications, Infrastructure-as-a-Service (IaaS) environments, and Shadow IT, from a single, enforcement point while protecting highly sensitive data and preventing advanced malicious threats. Skyhigh SSE GovCloud converges all security modules to provide real-time data and threat protection against advanced and cloud-enabled threats and safeguard data across all vectors–all managed from a single console. Skyhigh SSE's SaaS-based converged platform includes these modules: * Skyhigh Secure Web Gateway (SWG) for Cloud * Skyhigh Cloud Access Security Broker (CASB) * Remote Browser Isolation (RBI) * Data Loss Prevention (DLP) Skyhigh SSE provides visibility and control of data in the cloud, regardless of where it resides. Its DLP engine provides one centralized management and reporting dashboard, a single security policy framework across all data exfiltration vectors and multi-layered security technologies. Skyhigh SSE GovCloud can help fortify defenses in alignment with the highest standards for cloud security and accelerate adoption of a Zero Trust strategy. Skyhigh Security can help agencies achieve target goals of Executive Order 14028 and other mandates and directives. Skyhigh Secure Web Gateway (SWG) for Cloud - Authorized 01/23/2023 Skyhigh SWG for Cloud protects remote users from accessing malicious or unauthorized websites and cloud applications, prevents zero-day threats from infiltrating and sensitive data from exfiltrating an environment by monitoring inline traffic and serving as a gateway between users, websites, applications, and data. It provides continuous web connectivity with integrated RBI, Gateway Anti-Malware (GAM), CASB (cloud registry), and DLP with 99.999% uptime. Flexible deployment modes allow quick and secure migration of remote users to the cloud, while continuing to use proxy appliances for compliance and legacy protocols with in-sync web policies. Capabilities include: * Intelligent web filtering for secure connection to the cloud and web from anywhere and on any device * Secure web access protection from risky and malicious web sites using Remote Browser isolation (RBI), initiated through a visual stream, to reduce security infections and false positives * Fully integrated DLP for full visibility and control over how data is being accessed or shared in RBI sessions * ML based zero-day and real-time threat protection with built-in GAM and Global Threat Intelligence (GTI) * SSL decryption * Granular data protection policies, sophisticated data classifications, and mature DLP policy engine across all products * AI-powered Regular Expression (RegEx) Generator for complex data classifications * Disabled AI chat history to block the transfer of user data for ChatGPT * Fully customizable web policy code to address unique use cases - Optical Character Recognition (OCR) to scan and extract sensitive data from image files Skyhigh Cloud Access Security Broker (CASB) Skyhigh CASB’s cloud-based, multi-tenant service enables the use of cloud services with appropriate levels of security and governance. Skyhigh CASB discovers all cloud services in use, providing cloud activity monitoring, user risk, data protection, and threat protection. Its corresponding readiness rating allows system and data owners to assess cloud risk. Skyhigh CASB detects anomalous activity that may be a security breach or insider threat, enabling immediate response to potential incidents. Inline deployment modes (forward proxy, reverse proxy and cloud app isolation) enable real-time control over user access to sanctioned and unsanctioned cloud services. API coverage for sanctioned apps provides deep visibility, UEBA, tenant restrictions, collaboration controls, near real-time and on-demand scanning (ODS). Capabilities include: * Granular data protection policies, sophisticated data classifications, and mature DLP policy engine across all products * Visibility and control over sanctioned cloud apps through CASB APIs (over 40 cloud apps supported) * Cloud Registry of over 40,000 SaaS, PaaS, and IaaS cloud services using 75 attributes that comprise the Cloud Trust Rating * AI-powered Regular Expression (RegEx) Generator enabling complex classifications * ODS for cloud services that violate your DLP and malware policies * Optical Character Recognition (OCR) to scan and extract sensitive data from image files * Application and user activity risk monitoring with User and Entity Behavior Analytics (UEBA) and ML Available Products Skyhigh Security Service Edge Secure Web Gateway for Cloud Cloud Access Security Broker Remote Browser Isolation Data Loss Prevention Request a Demo: https://www.skyhighsecurity.com/forms/demo-request-form.html

FedRAMP Authorized

FedRAMP Authorized

FedRAMP Authorized

Elevate Intelligent Automation Platform (IAP)

FedRAMP Authorized

The Data Cloud on Azure Government

FedRAMP Authorized

The Data Cloud on AWS US East/West

FedRAMP Authorized

The Data Cloud on AWS GovCloud (High)

FedRAMP Authorized

Snyk for Government

FedRAMP Authorized

Socure for Government (SocureGov)

FedRAMP Authorized

Socure for Government (SocureGov) is delivered as a SaaS offering using a multi-tenant Public Cloud computing environment. SocureGov is available to, and provides digital identity proofing and fraud prevention capabilities for, customers who want to enable a simple, seamless, and secure verification process for consumers. The platform applies artificial intelligence and machine learning techniques with trusted online/offline data intelligence from physical government-issued documents as well as email, phone, address, IP, device, velocity, date of birth, SSN, and the broader internet to verify identities in real time. It is the only solution that analyzes and correlates every facet of an individual’s digital identity to accurately verify individual identities while simultaneously detecting fraud. The platform is fully compliant with FedRAMP Moderate security controls and has been certified by the Kantara Initiative to meet NIST SP 800-63 Identity Assurance Level 2. SocureGov provides several important capabilities listed below: - Socure Verify uses a triangulated data approach and leverages artificial intelligence and machine learning to verify an identity across 400+ trusted sources, and then correlates thousands of identity data points—online and offline—to resolve to a single best-matched entity. - Sigma Identity Fraud provides high-assurance trust and detects digital identity fraud across the customer lifecycle. - Sigma Synthetic applies the Federal Reserve’s definition of synthetic identity fraud which focuses on “manipulated” and “fabricated” types to support customers in determining the optimal follow-on treatment — without adding unnecessary friction. - Email Risk Score leverages machine learning models and feedback loops to analyze over 56 email fraud predictors, assessing risk throughout the customer lifecycle. - Phone Risk Score leverages adaptive machine learning and continuous feedback data to verify phone number risk and ownership, while ensuring a seamless user experience for legitimate customers. - Address Risk Score establishes address-level risk and its correlation to a holistic identity profile, empowering businesses to deflect identity fraud attacks without adding friction to legitimate customers. - Global Watchlist Screening and Monitoring screens, monitors, and dispositions users in real time against sanctions, enforcement lists, politically exposed persons databases, adverse media information, and custom lists - Digital Intelligence continuously monitors and assesses user interactions, helps detect anomalies, and enhances identity proofing, to provide a secure and trustworthy environment for both organizations and their users. - Predictive Document Verification (DocV) verifies ID, biometrics, PII, barcode, and device and behavior intelligence in a single platform to accurately detect and prevent deepfakes, fake IDs, and stolen and fabricated identities from entering the digital economy, in under 2 seconds. - Image Alert List is a live monitoring service that checks documents to identify individuals who previously attempted a transaction under different identities. - Decision Module provides a seamless method to orchestrate the breadth of Socure’s products, enabling a customer to set risk thresholds and help automate decisions to accept, reject, review, resubmit, or refer individuals in an identity verification flow

ARIS Government Cloud

FedRAMP Authorized

Solventum RevCycle Health Services Platform

FedRAMP Authorized

FedRAMP Authorized

Spider Impact for Government

FedRAMP Authorized

Spider Impact for Government enables cloud-based performance management for defining, measuring, and reporting agency performance against targets and strategic plans. The system is the Federal Government dedicated environment of Spider Strategies’ Spider Impact software. Spider Impact for Government collects, stores, and displays agency key performance indicators (KPIs), generates executive Briefings, Dashboards, and Reports, and enables data analysis and exploration through its business intelligence reporting engine. Spider Impact for Government Scorecards allow agencies to define KPIs and metrics and align them to the overall agency strategy through objectives, initiatives, and corrective action plans. This permits users to track and evaluate their agency’s performance strategically by comparing KPI performance against targets and goals resulting in Red/Amber/Green assessments. Spider Impact for Government Dashboards and Reports allow agencies to create custom, ad-hoc, or cascading dashboards to track and report performance across teams, projects, strategies, or organizations with dynamically updating data collected and reported via Spider Impact for Government scorecards and datasets. The result is reports and dashboards that provide a common operating picture across an agency, based on timely data and insights from agency leaders. Spider Impact for Government Datasets provides users a business intelligence engine to explore and analyze large amounts of data, allowing users to discover insights, trends, correlations, or anomalies within and across agency datasets. Datasets permits agencies to apply conditional and Boolean logic to sort, filter, or report subsets of data. Spider Impact for Government automates data input to save countless hours of data collection, entry, and quality review resulting in greater efficiency in data gathering, greater speed to reporting, and increased return on investment by allowing organizations to devote user time to data analysis and not data collection. Spider Impact for Government, from Spider Strategies, is an approved Software-as-a-Service (SaaS) Performance Management suite for all Federal Government customers, including the Department of Defense at Impact Level 4 (DoD IL4).

Splunk Cloud Platform for FedRAMP High

FedRAMP Authorized

Splunk Cloud Platform for FedRAMP Moderate

FedRAMP Authorized

Splunk Observability Cloud for FedRAMP Moderate

FedRAMP In Process

Sprinklr CXM for Government (CXM)

FedRAMP Authorized

FedRAMP Authorized

The Armory is a purpose-built General Support System (GSS) cloud service offering (CSO) that delivers security and compliance services aligned to the FedRAMP High risk categorization baseline. The Armory accelerates the ability for Independent Software Vendors (ISVs) and Enterprises to meet complex regulatory requirements on the Google Cloud Platform (GCP). The Armory delivers and continuously monitors FedRAMP compliant, risk-mitigated cloud solutions to government agencies and their partners through either a hosted or managed delivery model by: • providing full compliance architecture, engineering, documentation and audit support, • reducing the burden to both agencies and SaaS providers, and - expanding the catalog of mission-critical cloud solutions available to agencies. The Armory is built on the FedRAMP authorized Assured Workloads Google Cloud Platform and includes configuration managed Google resources such as VPCs (Virtual Private Clouds), networking components, security controls, identity and access management (IAM) policies, and logging and monitoring mechanisms. The system also provides access to in-boundary tools for automation, configuration management, and account management. Each of these mechanisms has been configured to meet specific regulatory requirements such as International Traffic in Arms Regulations (ITAR), FedRAMP High, and Department of Defense (DoD) Impact Levels 4/5 (IL 4/5). The Armory provides ISVs, Enterprises and Agencies with access to pre-production staging environments and Google “Landing Zones”. These are securely architected environments that enable quick and compliant deployments, and a scalable foundation for their regulated cloud workloads. This secure standardized approach to creating and managing deployments allows government agencies and customers to easily deploy and manage their workloads while maintaining security, governance, and compliance. ISV Partners: Qanapi - As our inaugural ISV Partner, Qanapi’s FIPS-validated API service delivers state-of-the-art encryption and protection at the data level. Designed to safeguard sensitive, industry-regulated, and mission-critical data, Qanapi’s API seamlessly integrates into any software, device, or network. Built on a zero-trust architecture, it ensures robust security across organizations of all sizes, in both the public and commercial sectors. With Qanapi, organizations can achieve the highest level of data protection and compliance, regardless of their environment. Discover more at qanapi.com

FedRAMP Authorized

FedRAMP Authorized

Sumo Logic is a cloud-native SaaS log analytics platform helping customers enable application reliability, secure and protect against modern threats, gain insights into cloud infrastructures, and obtain comprehensive visibility across their threat landscape. Sumo Logic provides the following solutions within our FedRAMP Moderate product offering: Cloud Security Incident and Event Management (SIEM) - Full-featured SIEM automates alert triage, correlation, and threat detection at scale to speed investigation and response times while reducing analyst alert fatigue. Community analytics delivers machine learning (ML) predicted true positive Global Confidence scores, along with global threat benchmarking. Cloud Security Monitoring & Analytics - Sumo Logic supports the entire spectrum of security use cases - from centrally logging compliance data to monitoring and securing public and hybrid clouds, to delivering market-leading DevSecOps capabilities. Application Modernization and Observability - Reduce downtime by finding, investigating, and resolving customer-impacting issues faster with real-time alerting and dashboards for all data - logs, metrics, and traces. Infrastructure Monitoring - On-call teams can reduce mean-time-to-resolution (MTTR) by simplifying the work required to validate issues, identify suspects, and quickly remediate. Reduce downtime and solve customer-impacting issues faster with an integrated observability platform for all application data. Compliance Monitoring - Security and configuration analytics provide the data monitoring, dashboards, analyses, and reporting capabilities necessary to achieve rapid, cost-effective continuous compliance readiness for many industry leading cybersecurity frameworks and programs - NIST 800-53, FISMA, FedRAMP, PCI, SOC2, ISO, HIPAA and more. Multi-cloud support - Unify and monitor logs, metrics, and traces from multi-cloud or hybrid cloud environments. Sumo Logic enables real-time visibility into AWS, Azure, and GCP cloud applications and infrastructure. Moreover, 150 apps and native integrations give out-of-the-box visibility into the technologies that power your applications. Service Maps - The Sumo Logic service visualizes all service dependencies to give you insights into end-to-end execution of your mission critical transactions with open standard compatible distributed tracing data. Application and service dashboards break down latency, load, and errors to identify services contributing to application slowdowns Advanced Alert Analytics - Advanced analytics are applied across a unified repository of telemetry data to surface noteworthy insights that guide on-call teams to the root cause.

On-Demand Security Testing Platform

FedRAMP Authorized

Open Federal Logistics Information System (OpenFLIS)

FedRAMP Authorized

T-Metrics Cloud Contact Center (TCCC)

FedRAMP Authorized

T-Metrics' Cloud Omnichannel Contact Center (CCaaS) solution provides Federal agencies with a secure, customizable, highly flexible, low-risk, and scalable option to improve the experiences of interactions with their constituents. Federal agencies looking to modernize their legacy premises-based contact centers now have a choice to migrate at their pace without compromising security. Building on two decades of innovation and security, T-Metrics’ CCaaS solution is the only single omnichannel contact center in the market that meets both the robust FedRAMP security standards for cloud deployments and the security and interoperability demands of the Joint Interoperability Test Command (JITC) certification for premises-based deployments. Through its flexible architecture, the TM-Cloud Omnichannel Contact Center enables agencies to customize cloud deployment models – public cloud (multi-tenant) and/or private cloud (dedicated instance) - to address different constituent requirements. Strategically designed, TM-Cloud Omnichannel Contact Center capitalizes on cloud architecture to integrate an agency's existing staff with existing customer telephony platforms (e.g., Avaya, Cisco, MS Teams, Zoom, etc.), which minimizes migration and project risk. Agencies can choose cloud, on-premises virtual machine, and/or on-premises physical servers to integrate existing voice services to the TM-Cloud Omnichannel Contact Center. This flexibility allows for zero-maintenance for full cloud deployments. Agencies choosing on-premises integration will provision hardware according to their own requirements and procedures. The TM-Cloud Omnichannel Contact Center can be scaled to accommodate current and future contact center resource demands and requirements. The ability to obtain agent subscriptions in small or large quantities enables organizations to quickly scale to levels necessary to handle even the most dynamic volume, especially for emergencies or seasonal demand. The contact center distributed architecture ensures a high-available and high-performance system is deployed in the T-Metrics FedRAMP cloud. Resiliency, scalability, and advanced feature access were traditionally available to only the largest contact centers with significant capital investment. Through the TM-Cloud Omnichannel Contact Center, these advantages are now available to every customer through flexible monthly subscriptions. The cloud-based service offerings provided by the T-Metrics TM-Cloud Omnichannel Contact Center include the following: - Skills-based and Attribute-based Routing - Interactive Voice Response - Microsoft TeamsTM Integration - Digital Channel Communication - Customer & Agent Callbacks - Voice and Screen Recordings - Analytics and Sentiment Analysis - Quality Management - Section 508 compliance (for agents and callers) - Advanced Agent and Supervisory Dashboards - Standard and Custom Reporting - Self Service Administration Portals - Natural language speech recognition - Voicebots and chatbots To learn more about how the T-Metrics CCaaS solution can satisfy your contact center requirements, please visit https://www.tmetrics.com/industries/fedramp.

Total Visibility Anywhere

FedRAMP Authorized

TalaTek intelligent Governance and Risk Integrated Solution (TiGRIS)

FedRAMP Authorized

Talkdesk CX Cloud™ Government Edition

FedRAMP Authorized

FedRAMP Authorized

Tango Reserve is a SaaS workplace solution for managing your use of workspaces. Tango provides this the capability to manage conference rooms, assigned seats, hoteling areas, neighborhoods, and provides operational Analytics for workplace optimization efforts. Functionality includes: Scalable instance Solution delivers a workspace hoteling, conference room, and assetreservation system. Secure authentication End user interface(s) to find available places to work and reserve workstations, conference rooms, and resources like equipment, services, health & wellness, parking, and transportation. Allows employees to set profile preferences, check-in, cancel and modify their reservations at their convenience. Add digital signage like Room Kiosks, Lobby Kiosks, Desk Signs, and ID Screens Wayfinding options to locate colleagues to enhance engagement, teamwork, and productivity. Utilize integrations with existing platforms to rapidly adopt and deploy. Self-service administrative tools and capabilities Ability to set limitless configuration of users and space relationships Analytics: Tango Reserve allows operational data to be revealed to understand how your office and people are working. By measuring your office space and managing your workplace operations this supports the agency mission to make data-driven decisions about your workplace and real estate as well as save tax-payers money. In addition to the solutions listed above, Tango customers can also license the extended services through the Tango Core applications: Tango Space Management software helps organizations plan, forecast and operate from a single solution. Space is space planning software to streamline space allocation, plan moves, analyze floor plans, and test potential scenarios. Key features include, CAD integration, stacking and blocking, planning and forecasting, scenario planning, move management, IoT integrations, and allocation reporting. Tango Transactions is built on a foundation of proven analytic capabilities, innovative data sets, native mapping and mobile-first experiences that are required to win in today’s dynamic corporate real estate environment. Key features include scenario development, pipeline management, budgeting, property analysis, mapping, and budgeting. Tango Platform provides both a single source of truth for all location and asset information. Tango’s Program & Project Management software solution organizes project portfolio and aligns activities across budgets & timelines. Provides a program view of all activities, including new builds, retrofits, remodels, closures, and special projects. Tango Projects is a single, integrated solution to align program budgets, timelines, and development activities across portfolio of projects, to quickly identify exceptions and take corrective action. Tango’s Lease Administration and Lease Accounting software brings together lease financials, accounting, and administration to manage all lease activities including options, expirations, renewals, key clauses, co-tenancy, recurring costs, rent rolls, expense reconciliation, and is built to comply with FASB ACS 842, IFRS 16 and GASB 87. Tango Predictive Analytics solutions provide the necessary intelligence to develop smarter location strategies and make better capital investment decisions by combining advanced AI/ML modeling with data in a scalable geospatial analytics platform. Tango Edge, an extension of the company’s Integrated Workplace Management System solution, provides a fully integrated collaboration workspace and communications hub that enables your partners to access and interact with Tango solutions. Agencies leverage these solutions to manage: Hybrid Work – Manage and measure work from any location including WFH (work from home), the office, other Agencies, or coworking locations. Reduce the Footprint – Measure the actual utilization of space for short duration Workplace Surveys as well as continuous, consistent, and systematic measurement of People, Presence, and Workplace use across the entire portfolio year after year. Agencies can cut their office space by up to 50%, as facilitated for GSA’s 1800F HQ in Washington, DC. Tango Reserve Analytics data analysis provides management the support tool necessary to augment space planning and office space invest/divest decisions. Zero Emission Buildings – Through actual utilization measurement, real estate reduction, and shared desk strategies, Agencies can reduce their office space, and thus reduce their Carbon Footprint by up to 50%

Tanium Cloud for US Government (TC-USG)

FedRAMP Authorized

Federal GovCloud (FGC) DevSecOps

FedRAMP Authorized

Humanify Enterprise - Government (Humanify Enterprise - G)

FedRAMP Authorized

TTEC Digital’s Humanify Enterprise for Government (Humanify G) is a secure customer experience VOIP solution, powered by Cisco’s UCCE and UC Enterprise Software. Designed for agencies with up to 80,000 unified communications endpoints and 24,000 knowledge workers or agents, it allows you to scale as needed to meet citizen demand. By applying technologies like journey orchestration, analytics, and AI/automation you can deliver efficient and intuitive constituent services while reducing overall contact center costs. Key Features Experience Cloud integrates with Humanify Enterprise Workforce Optimization SaaS (WFOaaS Quality Assurance / Call Recording / Desktop Screen Recording, Speech Analytics, and Post Call IVR surveys, powered by Verint) to enable departments and agencies to capture citizen and stakeholder feedback after interactions with contact center agents, and then utilize that input to drive coaching and feedback. TTEC Humanify Enterprise - Government platform users can now obtain the unique value of these solutions working together to drive improvements in citizen and stakeholder service. WFOaaS Quality Assurance / Call Recording / Desktop Screen Recording. The Humanify Enterprise Workforce Optimization Software as a Service for Government Community Cloud provides Quality Monitoring (QM), Contact Recording, Text to Speech Analytics. The service records 100% of voice calls and 15% of contact center agent desktop screen recordings for compliance, transaction verification, and legal protection. Data is stored in a FedRAMP encrypted format and available for playback and analysis and for agent performance scoring. Workforce Management (WFM) provides forecasting, multi-skill scheduling, and real-time adherence for contact center agents. Includes features for workflows, intra-day dynamic scheduling, audit trail reporting, and mentoring requests. The speech-enabled Interactive Voice Response (IVR) enhanced by Natural Language Processing and Natural Language Understanding (NLU/NLP) enables seamless self-service capability through the use of Voice Bot and Chat Bot capability. Experience Cloud, powered by Verint Experience Management Experience Cloud, is a SaaS application platform that utilizes the TTEC Humanify Enterprise - G to make delivering exceptional experiences easy. The Experience Cloud gathers omni-channel experience information from citizens, employees, and digital site visitors and helps to prioritize and provide key insights on ways to improve those experiences. Process and analyze direct feedback from multi-channel surveys, unstructured text data from open-ends and other comment streams, and behavior data from web interactions Automate and speed decision-making with our proprietary Predictive Engine paired with Verint Professional Services guidance Operationalize across all functions with real-time triggers and alerts; custom dashboards for executives, service center managers, and contact center managers and agents; and case management tools for follow-ups when appropriate with a citizen or other key stakeholders Experience Cloud consists of multiple solutions that work either singly or together to capture, analyze, and act on citizen and stakeholder feedback. These solutions include: Predictive Experience allows organizations to measure citizen experiences across channels, prioritize resources effectively, accurately benchmark performance, and bring certainty to their experience programs with proven predictive data science and AI-powered technologies. Digital Experience captures real-time citizen-initiated feedback via web and mobile channels throughout the digital citizen journey, empowering organizations to make smarter, faster decisions to improve experiences. Enterprise Experience enables organizations to engage citizens and employees to understand, analyze, and orchestrate improved experiences, satisfaction, and trust across multiple channels. Text Analytics provides the ability to analyze text information from any text stream, including surveys, comment posts, and others, and to extract key insights found in those text comments around the topics, keywords, and the related sentiment expressed in those comments Unified Experience enables Federal departments and agencies to capture feedback across virtually any channel, combine those feedback channels (and a wide variety of external data sources to enrich the data, correlate the information from disparate sources to create customized data models, and then use those data models to drive collaboration and closed-loop action on the data. Humanify Portal provides easy access to your contact center and unified communications administrative and management tools from a single interface. It increases the flexibility of the platform. It allows end-user administrators to perform Move, Add, Change, and Delete (MACD) activities for phones, personnel, locations, skill groups, agent teams, and many other system elements. It also allows administrators to change routing rules, IVR prompts, call queues, and contact flows. You can also increase the agility of managing your contact center operations with Humanify Portal Mobile, a 100% web-based application for on-the-move access. (508 Compliant) Integration with Contact Center Solutions (Cisco, Genesys, and Amazon Connect) Availability and Support High availability/disaster recovery deployed across two data centers for full failover in the event of an outage 24x7x365 support with one of the largest pools of Cisco-certified engineers anywhere TTEC Digital delivers automated training programs and knowledge systems that enable CX delivery across every channel

FedRAMP In Process

Tenable Cloud Security for US Government - Ermetic

FedRAMP Authorized

Tenable Government Solutions

FedRAMP Authorized

VantageCloud Lake

Administrative Data Research Facility (ADRF)

FedRAMP Authorized

ThreatConnect For Government

FedRAMP Authorized

Totara Talent Development Government Cloud Platform

FedRAMP Authorized

TruValidate Identity Verification

TRAPWIRE Threat Detection and Analysis System

FedRAMP Authorized

TRAPWIRE is a software platform for detecting and alerting on threats against your assets and personnel in real-time. It provides a comprehensive suite of tools all synchronized and accessible in one centralized, highly secure and encrypted platform, including: - Incident reporting - Pattern analysis - Threat detection - Originator-controlled information sharing - Mass warning and notification - Cross-organizational collaboration The TrapWire Threat Detection and Analysis System is a web-based software-as-a-service offering that provides secure web access to a suite of incident reporting, analytical, and information sharing tools. It bridges disparate agencies into a network of security-focused organizations, where each Agency owns its data and determines what other organizations its users may collaborate with. In addition to secure web access, the following services are available: The TrapWire Mobile App: Enables real-time incident reporting and feedback from the TrapWire Network while in a mobile environment such as VIP or perimeter protection. The TrapWire Community Member (CM) App: Allows organizations to broaden their protection footprint to include the eyes and ears of their communities of interest, empowering them to report suspicious activity in a structured manner through publicly accessible apps branded to each organization’s needs. The TrapWire API: Provides for integration between a TrapWire System deployment and legacy or other enterprise systems, enabling a system-of-systems approach to data integration. The TRAPWIRE Threat Detection and Analysis System brings security organizations into a protection network that detects and alerts on mutual threats spanning time and geography, allowing users to break down stovepipes and interdict threats before they materialize into successful criminal or terrorist acts. The network encapsulates thousands of protected facilities and personnel spanning Federal, State, and Local Law Enforcement; Anti-Terrorism/Force Protection personnel; private/commercial security organizations; and community protection programs. Bringing all sectors together with modern technology and expert analytical support services, while maintaining ""originator control"" principles for each owner's data, empowers a tangible force multiplier effect.

Trellix GovCloud Security Platform

FedRAMP Authorized

Trellix GovCloud Security Platform (formerly known as Trellix XDR GovCloud) is a SaaS offering that is deployed on AWS GovCloud IaaS. The SaaS offering is made up of a suite of solutions developed by Trellix. Trellix GovCloud Security Platform enables customers to centrally manage security for their organization while leveraging real-time monitoring and protection of the environment. Machine learning, artificial intelligence, and behavioral analysis are used to detect and respond to suspicious activity based on comparing observed activity to real-world adversarial attack techniques. - Trellix ePolicy Orchestrator (ePO) is a SaaS-based centralized management console for using Trellix's Endpoint solution with enhanced native security controls without the complexity of on-premises infrastructure. The client-side component of Trellix ePO provides secure communication between Trellix ePO and managed products. In addition to downloading and enforcing policies, Trellix Agent performs client-side tasks such as deploying and updating endpoint products. In order to manage an endpoint with Trellix ePO, Trellix Agent must be installed on each system in your network. As an optional deployment method, Trellix also offers the ePO On-prem platform that can be installed on the customer’s premises, as well as in air-gapped environments. - Trellix Endpoint Detection and Response (EDR) provides continuous data collection and advanced analytics that helps you detect suspicious behavior on your endpoints. Using alert ranking and data visualization, you can quickly understand the threat and take immediate action. Trellix ML Protect (formerly known as Trellix Real Protect) is a machine learning cloud which enhances our Endpoints pre-execution machine learning with post-execution to detect dynamic behavior based on machine learning algorithms derived from over a billion sensors and over 30 years of experience. - Trellix Global Threat Intelligence (GTI) is based on activity from millions of sensors world-wide and an extensive research team, Trellix publishes timely, relevant threat activity via GTI. This always-on, cloud-based threat intelligence service enables accurate protection against known and fast-emerging threats by providing threat determination and contextual reputation metrics. GTI integrates directly with our security products, instantly protecting against emerging threats to reduce operational efforts and time between detection and containment. - Trellix Threat Intelligence Exchange (TIE) acts as a reputation broker that combines threat intelligence from imported global sources, such as Trellix Global Threat Intelligence (GTI) and third-party threat information (such as VirusTotal) with intelligence from local sources, including endpoints, gateways, and advanced analysis solutions. Using Trellix Data Exchange Layer (DXL), it instantly shares this collective intelligence across the security ecosystem, allowing security solutions to operate as one to enhance protection throughout the organization. - Trellix Insights is an industry-first proactive security solution that changes the cyber security paradigm with the capability to stop threats before the attack. It provides actionable and preemptive threat intelligence by leveraging Trellix's cutting-edge threat research, augmented with sophisticated AI applied to real-time threat telemetry streamed from over 1 billion sensors. This global insight is applied to assess an organization's environment and its security posture to predict and prioritize actions for the Security Operations Team. - Trellix Helix Connect integrates data from security tools (Trellix native controls and 490+ third parties) to tell you the complete story of an attack. Data is ingested from multiple sources, then correlated by pre-built analytics and rules to create multi-vector, multi-vendor detections.Trellix GovCloud Security Platform (formerly known as Trellix XDR GovCloud) is a SaaS offering that is deployed on AWS GovCloud IaaS. The SaaS offering is made up of a suite of solutions developed by Trellix. Trellix GovCloud Security Platform enables customers to centrally manage security for their organization while leveraging real-time monitoring and protection of the environment. Machine learning, artificial intelligence, and behavioral analysis are used to detect and respond to suspicious activity based on comparing observed activity to real-world adversarial attack techniques.

Trellix Email Security GovCloud

FedRAMP Authorized

The Trellix ESC GovCloud is a SaaS offering that provides advanced protections against modern sophisticated email attacks. ESC GovCloud consolidates advanced threat prevention with traditional Email Anti-Spam and Anti-Virus security to optimize spending, reduce false positives, and enable operational efficiencies through consolidation. ESC GovCloud can be deployed in line to analyze emails and quarantine threats for active protection, or as a passive monitor for 'bcc' type review of each email. With no hardware or software to install, the ESC GovCloud is a particularly good fit for organizations seeking to move their infrastructure into the cloud. This eliminates the complexity of procuring, installing, and managing a physical infrastructure. ESC GovCloud provides organizations several unique capabilities, such as: - Identifying previous targets of spear-phishing, impersonation, virus and spam emails - Locating copies of the malicious email in target inboxes - Finding out if the message is being forwarded to new targets - Detection of advanced malicious URL threats - The ESC Portal shows region- and industry-based malware trends, has customizable security policies, RBAC, and audit logging. Organizations face an ever-increasing number of threats from email-based spam, viruses, and advanced threats. ESC GovCloud uses the signature-less Trellix Multi-vector Virtual Execution™ (MVX) engine to analyze every attachment and URL within emails to detect threats and stop advanced attacks in real-time. Today's advanced attacks use email as a primary delivery mechanism for malicious content. While some attacks use an attachment with embedded malicious code, it is common for cybercriminals to use a malicious link thereby blending attack tactics in the hopes of bypassing today's traditional defense silos. ESC GovCloud uses the cloud-based MVX engine to detonate email attachments against a cross-matrix of operating systems and applications, including multiple Web browsers and plug-ins like Adobe Reader and Flash. To block spear-phishing emails, ESC GovCloud analyzes every attachment using the MVX engine to accurately identify today's advanced attacks. ESC GovCloud includes anti-virus and anti-spam engines and may also be paired with an organization's existing anti-virus and anti-spam email gateways.

Trello Enterprise Cloud

FedRAMP Authorized

AI for Federal Acquisitions (ACQBOT)

FedRAMP In Process

Trend Cloud One for Government

FedRAMP Authorized

Trend Vision One for Government

FedRAMP Authorized

Trustwave Fusion

FedRAMP Authorized

Network Inventory and Optimization Solution (NiOS®)

FedRAMP In Process

Tyler Federal Product Suite

FedRAMP Authorized

Tyler Data Platform, powered by Socrata

FedRAMP Authorized

FedRAMP Authorized

UberEther Advantage The UberEther Advantage platform offers a highly secure and easy-to-deploy boundary platform with FedRAMP High and DoD IL5 authorizations based on NIST 800-53 Revision 5 security control requirements. The platform includes two main solutions within the authorization boundary: • ATO Advantage: An empty boundary platform designed to accelerate FedRAMP and DoD authorization for agency solutions and third-party software products. • IAM Advantage: A comprehensive identity and access management (IAM) solution equipped with pre-installed, configured, and optimized IAM tools. ATO Advantage ATO Advantage provides a Platform as a Service approach to satisfy over 355 of the required 425+ technical controls out-of-the-box, which are then inherited by third-party applications when deployed on the platform. This includes the preparation of required documentation and artifacts such as the System Security Plan (SSP) and automated POA&M reports. The platform can help agencies and software vendors deliver their solutions securely at the speed of need. IAM Advantage IAM Advantage delivers an end-to-end identity management solution integrating leading identity and access management products. This includes support for seamless single sign-on (SSO), multiple NIST 800-63 multi-factor authentication options, privileged user management, and separation of duties enforcement. The platform ensures compliance with Continuous Diagnostics and Mitigation (CDM) and EO 14028 requirements. Services: • AppGate Software Defined Perimeter • BeyondTrust Endpoint Privilege Management • BeyondTrust Password Safe • CyberArk Central Policy Manager • CyberArk Digital Vault • CyberArk OnDemand Privileged Manager • CyberArk Password Vault Web Access • CyberArk Privileged Access Management • CyberArk Privileged Session Manager • CyberArk Privileged Threat Analytics • PingAM (formerly ForgeRock Access Management) • PingDS (formerly ForgeRock Directory Services) • PingGateway (formerly ForgeRock Identity Gateway) • Ping IDM (formerly ForgeRock Identity Management) • Nok Nok - Phishing Resistant S3 Authentication Suite • OpenSearch & Dashboards (SIEM & User Behavior Analytics) • Ping Government Identity Cloud • PingAccess • PingAuthorize • PingCentral • PingDirectory • PingFederate • Ping MFA for Government • Radiant Logic RadiantOne Data Management • Sailpoint IdentityIQ (IIQ)

Automation Cloud Public Sector

FedRAMP Authorized

Contracting SaaS

FedRAMP Authorized

FedRAMP Authorized

FedConnect provides US Government Acquisition leaders and Contract Officers a secure, full-lifecycle, auditable approach to interacting with vendors and complying with Paperless Contracting mandates. FedConnect is a Federal acquisition and grants portal where vendors and grant applicants can find opportunities for federal contracts, grants, and other types of assistance funding. It was developed to bridge the gap between government agencies and their vendor and grant applicant/recipient communities in order to streamline the process of doing business with government. Through the FedConnect portal, Federal Government representatives are able to issue opportunity requests and make awards via the internet. Company representatives are able to review opportunities, submit bids or proposals, and receive awards. FedConnect provides an open channel of communication with the government that is both secure and auditable. There are three types of government opportunities facilitated through FedConnect: traditional eRFX issuance, Reverse Auction events, and Financial Assistance opportunities, e.g. grants. For eRFX and Financial Assistance opportunities, FedConnect is offered by subscription fee to Federal Government agencies that are federally regulated. For Reverse Auction only, there is no subscription fee to Federal Government agencies. The bidding and winning vendor company is responsible for payment upon award. On the government side, FedConnect is accessed through a system-to-system interface to the Unison Contracting and Grants software applications, where Government procurement and grant representatives become indirect users of FedConnect. On the Vendor/Applicant side, FedConnect is accessed via the internet with a browser. Anyone can access the FedConnect web site and review public opportunities. However, to receive directed opportunities that are not publicly issued, respond electronically, and receive ongoing communications, a vendor/applicant must be registered. To learn more about FedConnect and its capabilities, please visit the public portion of the FedConnect site.

FedRAMP Authorized

The US AI platform is a managed service comprised of a suite of microapps and microservices built on an AI-powered data lake, zero-trust framework, and hyperscale microservices infrastructure. Using microservices, US AI decomposes complex business components into smaller, autonomous services that are infinitely more scalable. US AI operates under a multi-tenancy model, where customers have the option to leverage the shared tenant to save money or have their own tenant to house their unique data; all while also leveraging the hyperscale community database containing hundreds of millions of valuable, common, and curated records for acquisition, grants, finance, health, and supply chain. A cloud native infrastructure, US AI scales elastically and dynamically, and relies on infrastructure automation and devsecops to optimize the operations and management of the infrastructure. The US AI suite consists of microapps, mobile apps, and microservices that power global business operations through a suite of services: 1. Extreme Innovation Software Factory - Customers may subscribe to (or acquire) the microapps in the US AI app store. Alternatively, customers may host their applications, leverage the native CI/CD pipelines, software libraries, data pipelines, and security controls to launch their applications with speed, quality, and high impact security. Customers may acquire a tenant to run their applications and isolate them from other applications within US AI. Using templates, customers run their applications on their own Kubernetes clusters across multiple high impact clouds such as Amazon Web Services, Google Cloud, and Microsoft Azure. Customers may acquire access to a curated community data lake consisting of over 50 public data sets for acquisition, finance, supply chain, healthcare, insurance, etc. 2. Archangel - Archangel demystifies, automates, and streamlines the cybersecurity lifecycle, from Governance, Risk, and Compliance (GRC) to Continuous Diagnostics and Mitigation (CDM). Cloud Service Providers (CSPs) and security professionals apply AI to eliminate redundancy, digitize workflows, and automate security accreditation by predicting compliance with security controls. Additionally, CSPs and security professionals apply Blockchain, AI, and RPA to continuously monitor device logs and predict vulnerabilities and breaches. Lastly, security, supply chain, and risk management professionals apply AI to predict global security and supply chain risks. 3. Certior – Certior is a highly accessible solution for providing unparalleled traceability, provenance, and auditability to any level of granularity an organization wishes to track to. Certior accomplishes this by letting organizations model and set up tracking for their various products and supply lines through easy-to-use point and click configuration. Without needing developers, you have a great amount of control over what gets tracked when, by whom, and to what level of detail. 4. Evolution - Evolution applies a low-/no-code process configuration designer to empower customers to facilitate, manage, and monitor the movement of individuals entering and leaving any secured locations; requesting services; and receiving services including, but not limited to passport, visas, asylum, healthcare, transportation, etc. 5. Forsight - Forsight is a novel general purpose AI platform that uses unsupervised and supervised machine learning to collect, sanitize, curate, and index both structured and unstructured acquisition, emergency response, finance, grants, health, and supply chain data within a high performing, parallel processing data lake. Forsight facilitates the extraction of crucial business insights and predictions for price optimization, compliance, risk, fraud, etc. Lastly, Forsight connects humans to the AI workflow to train the machine to make better predictions. 6. Gini - Gini applies Blockchain, AI, and RPA to intelligently automate the grants life cycle, institutionalize a standardized pre-award risk framework, and reconcile financial ledgers throughout the grant ecosystem. Grants professionals and recipients use the digital dossier to share data and reduce recipient burden and administrative costs. Gini runs on hyperscale community database that consolidates, curates, and indexes over 100TB of data from 30+ public and private data sources. Gini uses AI to scan millions of records of data including single audits to extract key findings, including but not limited to financial health; procurement, suspension, and debarment; improper cash management; excessive executive pay, eligibility; etc. 7. Illuminate - Illuminate is a collection of emerging technologies that power a state-of-the-art supply chain ecosystem. Contracting professionals leverage intelligent automation to accelerate acquisition, make smarter buys, and ensure compliance. Additionally, contracting professionals leverage AI to automate contract formation, administration, and closeout. Lastly, supply chain leaders use Blockchain and AI to track the provenance of goods and services and “illuminate” areas of inefficiencies. 8. Siqi - Siqi is a collection of emerging technologies that power a state-of-the-art healthcare ecosystem. Siqi uses mobile and micro apps to collect vital personal health information and save transactional information onto a blockchain. Personal digital identity and health records are protected via encryption and self-sovereign identity. Siqi uses AI to predict the presence of disease such as COVID, skin cancer, etc. and provides an immutable digital provenance for contact tracing and disease analysis. 9. Velicus – Velicus applies Blockchain and AI to combat global pandemics by transforming the global emergency response through a coordinated ecosystem. Velicus facilitates the global emergency response process to pandemics like COVID-19, Ebola, SARS, MERS, etc. Participants in the emergency response value chain can track the geolocation, health, and safety of responders, connecting to their deployment force anywhere in the world. AI is used to match responders to an event based on requirements such as skill, education, mental health, etc.

USDA Digital Infrastructure Services Center

FedRAMP Authorized

The USDA's Digital Infrastructure Services Center (DISC) is a federally-owned Cloud Service Provider for systems that are owned by Federal, State, and Local governments. The USDA DISC offers both IaaS and PaaS services to its customers on Midrange and Mainframe infrastructure, with a variety of operating system platforms and database options to choose from in a fully virtualized hosting environment. Network services are provided for both IaaS and PaaS environments, and offer robust, secure and highly redundant connectivity to the USDA WAN and the Internet. Additional information about these services is available here (http://www.ocio.usda.gov/about-ocio/data-center-operations-dco). The USDA DISC Service Catalog is available here (http://www.ocio.usda.gov/document/nitc-service-catalog) The USDA DISC Infrastructure as a Service (IaaS) offering provides a virtual machine infrastructure which allows customers the option to maintain control of their operating and general support systems at the system level. Network, Facility and Operational Support Services are included with all IaaS offerings. Security monitoring and defense in depth for all IaaS servers is provided via periodic vulnerability scanning with best-in-class software. IaaS customers receive the benefit of fully managed standardized hardware, advanced server virtualization, strict standards, security and economies of scale from DISC. The USDA DISC's Platform as a Service (PaaS) offerings build upon IaaS offerings and enable customers to select from secure, standardized Operating System images that are configured to meet actual processing requirements. The PaaS service offering provides fully managed Operating Systems that are maintained by USDA DISC. These hardened and virtualized operating systems leverage advanced server virtualization technologies, compliant security and build standards, and economies of scale. The PaaS offering enables rapid delivery of cost-effective, fully-managed operating platforms offering expanded controls to securely host customer's mission critical applications. This USDA DISC PaaS offering is currently available for multiple operating systems, including: RedHat Linux, Microsoft Windows, Oracle Solaris, IBM AIX, and zOS. The DISC PaaS Service offering also fully supports many database offerings, including: mySQL, MSSQL, Oracle and DB2. Security services offered by USDA DISC, as part of all standard service offerings, are implemented and monitored through Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) solutions. In addition to the FedRAMP Moderate security control baseline, the USDA DISC has implemented FISMA High security controls for all service offerings and FedRAMP+ DoD Impact Level 4 (IL4) controls within the Midrange PaaS service offering.

AgCloud Managed Platform Services (AMPS)

FedRAMP Authorized

Treasury Cloud (TCloud)

FedRAMP Authorized

Workplace.gov Community Cloud (WC2)

FedRAMP Authorized

Unqork for Government

FedRAMP Authorized

FedRAMP Authorized

USU IT Asset Management

FedRAMP In Process

Valimail Enforce Platform

FedRAMP Authorized

FedRAMP Authorized

Varonis DatAdvantage Cloud

FedRAMP In Process

Varonis DatAdvantage Cloud is a cloud-hosted data security platform for protecting and governing enterprise data. Varonis DatAdvantage Cloud protects data wherever it lives by reducing unnecessary access, fixing misconfigurations, inventorying and labeling critical data sets, and stopping insider threats. With Varonis DatAdvantage Cloud agencies can meet EO 14028 requirements to establish zero trust by inventorying and protecting their most sensitive data. OMB 22-09 data pillar and identity requirements can be fulfilled automatically with DatAdvantage Cloud's powerful automation suite. DatAdvantage Cloud tracks all user activity around cloud platforms and aggregates these logs in a single source. Varonis’ advanced user and entity behavior analytics helps to identify compromises by understanding anomalous behavior at the file/object level, easily fulfilling OMB 21-31 up to EL-3. Automated dashboards track various Federal regulations (i.e. NIST 800-53) for easy compliance reporting. Varonis DatAdvantage cloud integrates with a wide array of data repositories, SaaS applications, and cloud infrastructure to give customers a holistic view of their data. Varonis can be used to address these important use cases and more: Detecting insider threats and cyberattacks: Varonis DatAdvantage Cloud detects threats to data, including insider threats and external cyberattacks with a live-updating library of pre-built threat models based on attack techniques and vulnerabilities used by real-world adversaries. Limiting the blast radius of an attack: Varonis DatAdvantage Cloud analyzes where there is unnecessary access to data and can eliminate excessive access at scale, drastically reducing the damage from insider threats and cyberattacks. Preventing data exposure: Varonis DatAdvantage Cloud’s DSPM capabilities help teams automatically classify sensitive data, find where information is exposed externally or internally, and helps teams continually prioritize remediation efforts to improve security posture. Fixing misconfigurations: Varonis DatAdvantage Cloud provides SSPM capabilities to analyze and fix misconfigured Software as a Service (SaaS) applications, discover shadow instances, and spot vulnerabilities that could put data at risk. Achieving compliance: Varonis’ vast library of classification policies can discover sensitive data related to GDPR, CCPA, HIPAA, PCI, FTI, CUI, CJIS, Secret, Top Secret and more. The permissions analysis and continual monitoring Varonis provides gives auditors a real-time pulse on compliance and helps customers achieve compliance with NIST 800-53, NIST 800-171, RMF, CMMC, IRS Pub 1075 and more.

Varonis Data Security Platform

FedRAMP Authorized

The Varonis Data Security Platform is a cloud-hosted data security platform for protecting and governing enterprise data. Varonis DSP protects the most used data stores by enforcing least privilege, fixing misconfigurations, inventorying and labeling critical data sets, and stopping insider threats. With the Varonis DSP agencies can meet EO 14028 requirements to establish zero trust by inventorying and protecting their most sensitive data. OMB 22-09 data pillar and identity requirements can be fulfilled automatically with Varonis’ powerful automation suite. The Varonis DSP tracks all user activity around cloud platforms and aggregates these logs in a single source. Varonis’ advanced user and entity behavior analytics helps to identify compromises by understanding anomalous behavior at the file level, easily fulfilling OMB 21-31 up to EL-3. Automated dashboards track various Federal regulations (i.e. NIST 800-53) for easy compliance reporting. Varonis integrates with agencies most used data stores like M365, NAS devices, Unix/Linux, and other cloud collaboration tools to give customers a holistic view of their data. Varonis can be used to address these important use cases and more: Detecting insider threats and cyberattacks: Varonis provides behavior-based threat detection that uses machine learning to alert on abnormal user or device behavior. Additionally, Varonis provides a live-updating library of pre-built threat models based on attack techniques and vulnerabilities used by real-world adversaries. Pinpointing data exposure: Varonis automatically classifies sensitive data, highlights where information is exposed externally or internally, and automatically removes unnecessary access to enforce least privilege. Limiting the blast radius of an attack: Varonis safely automates permissions changes to eliminate unnecessary access and drastically reduces the damage from insider threats and cyberattacks. Tracking Email Abuses : Varonis scans inside of emails/attachments and captures all user email activity while alerting on abuses, tracking spillage, and mapping the exact flow of sensitive data through email platforms. Achieving compliance: Varonis’ vast library of classification rules can discover sensitive data related to GDPR, CCPA, HIPAA, PCI, CUI, FTI, CJIS, Secret, Top Secret and more. The permissions analysis and continual monitoring Varonis provides gives auditors a real-time pulse on compliance and helps customers achieve compliance with NIST 800-53, NIST 800-171, RMF, CMMC, IRS Pub 1075 and more.

Vaultara Flare Services

FedRAMP Authorized

FedRAMP Authorized

Veracode Online Security Platform for Government

FedRAMP Authorized

Verint Self-Service for Government

Alta SaaS Protection (ASP)

Veritone Intelligent Digital Evidence Management System (iDEMS) for Government

FedRAMP Authorized

Veritone Illuminate Veritone Illuminate is part of the Veritone iDEMS suite. Veritone Illuminate minimizes discovery spend and time for legal teams by transcribing, searching and analyzing audio, video and text-based evidence early in a case to quickly identify, cull-down, and focus on relevant data only. Veritone Illuminate enables law enforcement investigative teams to cost-effectively search, analyze, and explore large amounts of audio, video and text-based evidence. Accelerate early case assessment efforts by automatically making structured and unstructured (audio, video) evidence data searchable by keywords, faces, objects, and more. Cull down evidence data to focus your eDiscovery on relevant content only. Reveal front-end insights that might not have been uncovered in subsequent search efforts with cutting-edge conceptual and structured text analytics supporting text-based files, audio and video. Quickly transcribe audio and video recordings. All transcripts can be downloaded and opened with any word processing application such as Microsoft Word. Minimize storage costs by culling and analyzing large volumes of evidentiary media at scale. Reduce translation costs by leveraging automated machine-based capabilities supporting 70+ languages and dialects. Facilitate downstream review via one-click export into your eDiscovery platform of choice. Veritone Redact Veritone Redact is part of the Veritone iDEMS suite, and empowers judicial and law enforcement agencies to swiftly redact sensitive, personally identifiable or compromising information from audio and video evidence, and share that evidence within existing workflows. With its AI-powered, all-in-one approach, Redact transforms the way agencies comply with public information disclosure requirements by streamlining digital evidence redaction workflows, and in turn, increasing productivity of public safety personnel. Veritone Redact is an equipment-agnostic solution enabling users to simply upload audio and video evidence from a local computer or cloud repository. Packaged as a complete solution, Veritone Redact empowers agency teams to manage their digital evidence redaction workflow in one place with the ability to tag the status of evidence redactions, as well as export fully redacted video and audio files including audit logs detailing edits made to evidence by individual users to support chain of custody requirements. The solution can be integrated with frequently-used hardware providers and is deployable in either commercial cloud or secure government cloud environments that are configured to meet customers Criminal Justice Information Services (CJIS) security requirements. Veritone Track Veritone Track is part of the Veritone iDEMS suite. Veritone Track is a digital forensics tool for law enforcement and public safety agencies. It analyzes videos from separate sources to track persons of interest without using personally identifiable information (PII). It uses re-identification AI technology to detect people and vehicles and track where they appear across other video footage to accelerate video evidence analysis. Inundated with mountains of video evidence, agencies can drastically reduce the number of hours spent reviewing footage to build a timeline of events and a comprehensive narrative around an event or individual. The impact for DOD customers will be large-scale efficiency improvements in investigation processes, evidence review, and significant cost savings. Veritone aiWARE Operating System aiWARE™ for Government is an operating system for artificial intelligence (AI) that turns both private and public media into actionable intelligence. This transformation from data to understanding is achieved through the organized interrogation of content via a robust set of artificial intelligence engines and powerful applications acting in concert. A continuously-evolving environment of advanced applications, core services, developer tools, and cognitive computing - aiWARE offers potent content ingestion, indexing, search, correlation, analytics, sharing, and collaboration capabilities. aiWARE affords unprecedented scalability and computational analysis in a SaaS delivery model. It makes advanced artificial intelligence truly accessible, understandable and beneficial to users of all technical skill levels for simplified organization and analysis of the escalating volumes of audio and video media as well as structured content. The aiWARE ecosystem of best-of-breed cognitive engines in a single platform eliminates the need for agencies and mission owners to select one vendor from the landscape of thousands of engines, which effectively future-proofs technology choices, and ensures timely and common access to the latest AI advances. Veritone Automate Studio Veritone Automate Studio is a low-code / no-code automation solution within Veritone’s aiWARE Enterprise AI platform, Automate Studio helps you to easily deploy AI workflows quickly and efficiently, cutting down your development efforts from months to days to even hours. From creating a workflow to extracting data trapped in a disparate data source to applying different AI models to a particular dataset, Automate Studio helps your development team meet those long manual coding processes in a quick and an efficient manner. The impact for DOD customers is gaining the ability to easily create and deploy AI-based workflows to ingest, index, extract, and export content, transforming that content into actionable intelligence and making that intelligence available to bespoke & legacy applications. Veritone Integrations Veritone’s iDEMS currently ingests and supports data from the following platforms and tools: - Freedom Of Information Act (“FOIA”) providers such as Granicus and Opexus; - Body & dash camera companies: Axon’s Evidence.com, Motorola Solutions, Getac, Reveal, LensLock, 10-8 Video, PatrolEyes, Safe Fleet, WOLFCOM, VeriPic, i-PRO and Trusted Technology Solutions - Device extraction tools: Cellebrite and Graykey (Axiom) - Home security systems: Ring, Arlo and SimpliSafe - Drone manufacturers: DJI, Skydio and BRINC - Video management systems: Milestone and Qognify - Investigations and forensics providers: Nuix Neo Investigations and Exterro Digital Forensics Suite - Gunfire detection systems: SoundThinking, Inc. - Gun crime intelligence: EvidenceIQ’s BallisticIQ - License plate readers: Flock Safety - Secure data link protocol providers: Link 16 - e-discovery platforms: Exterro e-Discovery Suite; Relativity and Nuix Discover - Hyperscaler’s cloud storage platforms: iAWS S3; Azure Storage, Google Storage and IBM

Verizon Managed SD WAN

Verizon Government Cloud

Verkada Command Platform

Digital Health Research Platform

FedRAMP In Process

Virtru Data Security Platform

FedRAMP Authorized

Federal Cloud (VFC)

FedRAMP Authorized

FedRAMP Authorized

The VLogicFM® system is designed to provide users with real-time information about facilities that are managed within the system. System Function or Purpose The VLogicFM system provides users with an overview of facilities usage as well as output data from sensors installed within the various facilities (e.g., motion, temperature, and humidity sensors). The VLogicFM system achieves this goal through the use of multiple modules that end-users can access via the VLogicFM Graphic User Interface (GUI). VLogicFM is composed of the following modules. Administration Module The Administration module provides a set of tools and utilities that allow administrators to manage user accounts and credentials, set up locations properties such as Sites, Buildings and Floors, and manage overall Access Control. Reports of background data and a Logbook of the activities in all modules by all users are also included in the Administration module. This module is accessible only by Administrators. As-Builts Module The VLogicFM As Built module provides a secure cloud-based repository of master as-builts CAD drawings, organized by site, building, floor and discipline. It facilitates sharing of drawings with professionals like engineers, construction managers, project managers etc. Stakeholders with access privileges can collaborate my notating ideas and comments right on the drawings for later discussion and decision-making. The As-Builts module also provides for drawings version control management, to keep track of all drawing iterations, and maintain an archive of all past versions. Assets Module The VLogicFM Assets module provides a repository to store an inventory of facility assets. In addition, this module maps these assets to their location on facility floor plan drawings. This allows the user to not only list specific assets but also mark asset locations right on the CAD floor plan drawings—rapid identification of an asset AND its floor plan location simultaneously. The Assets module lets you add asset attributes, documentation, and attach asset pictures. Finally, you can also conduct asset audits using the companion VL Audit Android/iOS app for scanning asset and room bar/QR codes. Capital Asset Inventory (CAI) Module Each VA Medical Center is obligated to periodically submit a Capital Asset Inventory (CAI) report to its VISN office and ultimately to VA Central Office. Part of this VA report includes over 90 specific facility-related CAI space drivers that must be assigned to every space in the facility. The VLogicFM CAI module was custom-made specifically for the VA and includes all of these mandatory CAI space drivers. Users can assign these CAI space drivers to every space in the facility. This allows users to leverage VLogicFM to rapidly generate facility-related CAI reports for use in their periodic CAI submissions. What used to take weeks of manual effort can now be done in minutes. Employee Module The Employee Module manages assignments of employee lists to specific spaces on the CAD floor plan drawings by role/title or name. This module allows a facility to show how different organizations are stacked in the facility and also provides tools for moving employee room assignments across the facility. Fire and Life Safety Module The Fire and Life Safety Module facilitate organized documentation of the Fire Protection system linking riser diagrams, floor plan drawings and any other available documents. Connectivity information and other details required for maintenance of the system can be attached to the components and fixtures, which can be viewed in the context of the floor plan drawing. Datasheets, photographs, notes, etc. can be attached to any component of the system. Locating components like Fire Alarm Control Panel, Smoke Detector, Pressure Gauge, etc. can be done through simple search and report options. Plan Room Module The Plan Room is a virtual library for storing digital facility drawings and related files. The module supports up to 70+ file formats. Customer administrators can set access permissions at the user level. Users can search the documents/drawings using keyword and advanced search options and download the documents for which they have access permissions. Real Property Module The Real Property Module is intended for Tenants, Landlords and Brokers. It enables Facility Managers to keep track of their leased spaces and manage their leases effectively. This module lets users manage lease details such as Lease Type, Lease Property Type, Lease Category, Execution Date, Commencement Date, Expiry Date, Landlord/Tenant name, Lease Area and any other information that needs to be associated with the lease. Scheduling Module The Scheduling module is a robust room and desk booking/reservation system that enables everything from conference room reservations to hot desking bookings for hybrid work environments. Users can search for rooms they want to schedule by capacity, location, and even what amenities are provided in the room (AV equipment, white board, etc.). A check-in system is also deployed to mitigate against users overbooking spaces. Space Module The Space module is at the core of VLogicFM’s space management capabilities. The module pairs a powerful cloud-based MS SQL database with accurate CAD drawings, also stored on the same cloud repository. The combination of these two resources gives users the power to not only locate lists of rooms and room attributes, but also run distribution reports that colorize different rooms by Service Line / Department or other attributes. The Space module also provides the user with a range of reporting options to gauge trends, usable and chargeable areas and cost per square foot. Tracking Module The Tracking module uses IoT-based sensors installed in the facility to render objective occupancy data in real time. This module is currently used by VA users to assess occupancy trends for use cases such as space planning and load balancing / utilization of patient exam rooms between different service lines, clinics and sub-clinics. Utilities Module The Utilities Module facilitates organized documentation of the Utilities Systems linking riser diagrams, floor plan drawings and any other available documents. Connectivity information and other details required for maintenance of the utility system can be linked to the components and fixtures. This allows users to display how parts of these systems are connected to one another in the context of the floor plan drawing. Data sheets, photographs, notes, etc. can be attached to any component of the system to facilitate easy maintenance. Locating components like Flow Control Valve, Smoke Detector, Pressure Gauge, etc. can be done through simple search. Users see lists of components next to these same components blinking on the CAD floor plan drawings. Work Order Module The Work Order module can manage scheduled preventive maintenance activities as well as ad-hoc work request-based service activities. Work orders are generated based on previously defined PM schedules, or other service requests from users. Work orders contain information about a maintenance activity, such as where and how it is to be done, who is supposed to do it, and the supplies needed to complete the task. They keep track of the maintenance activities performed, time taken and cost information that is used to generate reports for planning and analysis.

VMware Government Services (VGS)

FedRAMP Authorized

Vyond for Government

FedRAMP In Process

Vyopta Collaboration Intelligence Platform

FedRAMP Authorized

Wasabi GovCloud (WGC)

FedRAMP In Process

FedRAMP Authorized

Sophia Knowledge Management System

FedRAMP Authorized

Intelligent Technology Management System (ITMS)

FedRAMP Authorized

FedRAMP Authorized

Case Management & Tracking System (CMTS)

FedRAMP Authorized

Wiz Moderate for U.S. Government

FedRAMP Authorized

TeamMate+ FedRAMP

FedRAMP Authorized

Workday Government Cloud (WGC)

FedRAMP Authorized

Workiva Platform

FedRAMP Authorized

Xerox Managed Print Services for US Government

FedRAMP Authorized

FedRAMP Authorized

The AuthentX Cloud provides end-to-end identity, credential and access management to US Federal agencies, quasi-federal agencies, and private organizations that require interoperable identity authentication services with Federal systems and infrastructure. The primary use of AuthentX in the Federal government is to satisfy Homeland Security Presidential Directive #12 (HSPD-12), Federal Identity, Credential and Access Management (FICAM) and related policies, mandates and standards from the Office of Management and Budget (OMB), Department of Homeland Security (DHS), and National Institute of Standards and Technology (NIST) Special Publications (SP). Therefore, the AuthentX Cloud solution offered is aligned with federal mandates and high assurance requirements regarding cybersecurity, multi-factor authentication, Federal interoperability, and secure solutions for consolidation of data centers. The AuthentX Cloud consists of COTS hardware, software, and network components assembled and connected in multiple data centers. Hardware includes the XTec AuthentX XaNode appliances, the XTec AuthentX Secure Appliance (ASA), enrollment and issuance peripherals, the XTec XNode and XTec card readers, and Thales SafeNet Hardware Security Modules (HSM's). The software of the AuthentX system is built entirely from source to produce the AuthentX Linux Operating System (OS), customized embedded Microsoft OS, the AuthentX Enrollment Manager application, as well as other software packages. XTec's AuthentX Cloud also provides Hardware Security Module (HSM) as a Service using Thales Trusted Cyber Technologies' (TCT) flagship Luna T-Series HSM. This cloud-based HSM, known as Luna as a Service, allows customers to generate, store, protect and manage cryptographic keys used to secure sensitive data and critical applications. The Luna T-Series HSM at the core of Luna as a Service is FIPS 140-2, Level 3 certified, and is approved for use in National Security Systems PKI. XTec's AuthentX Cloud Luna as a Service is offered using three (3) models: - Luna as a Service Dedicated HSM provides customers full cryptographic control of the entire HSM. - Luna as a Service Managed HSM provides customers HSM cryptographic capabilities in a scalable, cost-effective model. Administrative tasks such as provisioning, configuring, monitoring, and patching are all performed by U.S.-based Luna as a Service engineers. - Luna as a Service Credential System provides customers a cloud service model of Thales TCT's Luna Credential System (LCS). LCS offers multi-factor authentication by maintaining user credentials in a centralized hardware device that is securely accessible through the cloud service by endpoints in a distributed network. LCS is a multi-purpose, secure credential system ideally suited for an environment in which the endpoints, or users cannot use a traditional authentication token.

Yello Government Recruiting Solution

FedRAMP Authorized

Zendesk Customer Support and Help Desk Platform

FedRAMP Authorized

FedRAMP In Process

Zimperium Mobile Endpoint Cyber Security

FedRAMP Authorized

ZL Unified Archive (ZL UA)

FedRAMP In Process

ZL Unified Archive's massively scalable architecture consolidates managing all unstructured content on one platform. Data can be managed in-place and via archiving, for requirements in records management, FOIA, eDiscovery, compliance, privacy, and information governance, while enabling agencies to extract intelligence for analytics and AI training. ZL Unified Archive (ZL UA) offers a comprehensive electronic records management system designed to centralize and automate records capture, storage, retention, and disposition for all federal agencies. This system is tailored to meet the statutory and regulatory requirements set forth by the Federal Records Act, the National Archives and Records Administration (NARA), and the Code of Federal Regulations (36 CFR Chapter XII, Subchapter B), ensuring compliance across all types of records, including temporary, permanent, and essential documents. The platform enables compliance with all NARA Universal Electronic Records Management (UERM), DoDM 8180.01 guidelines, and DoD 5015.2 classified records handling. Data is stored in an encrypted content and data storage system for retention per the agency's policies for which it is being collected. APIs enable the retrieval of this data for future use. Access to all data is restricted to authorized personnel of each agency. Additionally, data can be exported through a user interface that necessitates authentication through an identity management system approved by each agency. Data is safeguarded by allowing IP addresses and firewalls to be listed at the network level, ensuring it is not accessible to individuals outside the agency's scope. The authorization boundary determines the realm of what is accessible in our platform. Key functionalities of the platform include: - In-place management of data, enabling the extraction of intelligence from documents without creating copies - Defensible deletion and cleanup of files - The capability to channel governed, relevant data into analytics and AI applications - Capture of records from a variety of electronic sources - Manual and automated classification of records - Global search, including sorting by relevance, for eDiscovery, investigations, and FOIA requests - Custom retention periods with time-, event-, and metadata-based triggers -Retention of records by agency-specific and General Retention Schedules - A complete audit log details all actions taken on documents for defensible records management and document deletion - A unified system for records management, compliance, eDiscovery, and FOIA requests, so that actions taken on documents are applied universally

Zoom for Government

FedRAMP Authorized

The Zoom for Government Platform is a Zoom product offering for the US Federal, and US Department of Defense communities. The Zoom for Government Platform is an all-in-one collaboration platform that makes connecting easier, more immersive, and more dynamic for people and businesses. Zoom for Government FedRAMP JAB authorized products include: - Zoom Cloud Video Conferencing - a cloud-based collaboration service which includes video, audio, content sharing webinars and collaboration. -Zoom Events - is a versatile platform that allows customers to create a variety of engaging virtual experiences for attendees. Events allow for users to manage their own branded event hub, track ticketing and registration, control user access from one dashboard, and allow networking during Zoom Events. - Zoom Rooms - software-based group video conferencing for conference and huddle rooms that run off-the-shelf hardware including a dedicated MAC or PC, camera, and speaker with an iPad controller. - Zoom Whiteboard - provides customers with a set of easy-to-use tools to collaborate together to capture ideas, processes, and concepts. With features focused on fostering innovation, Zoom Whiteboard makes it simple for hybrid teams to interact in new ways for seamless collaboration. - Workspace Reservation - is a solution that enables customers to reserve flexible workspaces ahead of time or when they arrive at the office. Feature is enabled by the customer admin via the Zoom administrative portal and available workspaces are managed in the Room Management service. - Zoom Mesh - is a native client-based Mesh (eCDN) solution for Zoom Webinars and Events, that allows organizations to better manage how their users receive Webinar and Event media streams. It is all built within the existing Zoom for Government Client, subscribing to Zoom Mesh activates the ability of the Zoom for Government client to allow Mesh through customer designated client for meetings and Webinars. No transport or encryption is changed in the Mesh client communication with the Zoom for Government security boundary. - Continuous Meeting Chat allows meeting participants to communicate before, during, and after a meeting by creating a dedicated group chat in Zoom Team Chat for all meeting participants. When enabled, in-meeting chats will show up in that group chat as they are sent in the meeting, allowing meeting conversations to continue after a meeting ends. Schedule a recurring meeting and have a group chat that follows the group for the entire project, in and out of meetings. - AI Companion for ZfG, Zoom for Government’s generative AI assistant, empowers individuals by helping them be more productive, connect and collaborate with teammates, and improve their skills. AI Companion for ZfG is a set of generative AI features that can be enabled within the Zoom for Government platform. - Zoom Team Chat - send chat messages in public or private channels organized by projects, teams, or topics with the ability to share files, emojis, screenshots, and more. - Zoom Phone - a cloud-based phone system with traditional PBX features, integrated PSTN connectivity, enhanced emergency services, and support for calling from mobile apps, desktop apps, and legacy desk phone devices. - Zoom Contact Center (ZCC) - is an omnichannel contact center that's optimized for video and integrated into the same Zoom experience. Zoom Contact Center brings unified communications together with contact center capabilities. ZCC builds off the FedRAMP Authorized service Zoom Phone. ZCC is administered in the Zoom for Government administrative portal. - Zoom API - provides the ability for developers to easily add Video, Voice and Screen Sharing to your application. Our API is a server-side implementation designed around REST. The Zoom API helps manage the pre-meeting experience such as creating, editing, and deleting resources like users, meetings, and webinars. - The Zoom Meeting SDK - lets you display the familiar Zoom meeting and webinar experience in your app or website. The Meeting SDK interface resembles the Zoom client, except that it lives inside your own app or website. - Zoom Client - a local client that allows users to start/join a meeting, employ in-meeting controls for participants, hosts, and co-hosts, webinar controls, manage participants, share screen controls, chat, establish channels, add contacts, and modify settings. - The Zoom for Chrome PWA - allows customers to use FedRAMP authorized services Chat and Phone- , currently available on the desktop client or mobile app, within the Chrome web browser. - QSS - enables enterprise organizations to identify, troubleshoot, and resolve network and service disruptions in near real time for every user, host, and participant across Zoom Meetings, Webinars, & Phone (all FedRAMP authorized services) within their enterprise subscription. The change introduces a new Webhook API to the boundary to transfer this information over TLS 1.2 to customer owned tooling.

Zscaler Private Access - Government (Zero Trust Networking - VPN Replacement)

FedRAMP Authorized

Zscaler Private Access Gov, part of the Zscaler Zero Trust Exchange, enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero-trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZPA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. TIC 3.0 Use Case Examples (Branch Office, Remote Users, and Cloud) Zero-trust VPN alternative: Legacy VPNs fail to deliver the security, visibility, and user experience today's distributed workforce requires. ZPA delivers fast, direct access to private apps by eliminating VPN traffic backhauling which creates latency, resulting in lost productivity. Secure Hybrid Workforce: Users require the ability to move fluidly between their homes, remote locations, branch offices, and headquarters. ZPA enables seamless and secure access to private apps from wherever they need to work, on any device. Local users benefit from an identical experience through an on-prem broker that replicate the policies and controls of the cloud. Third-party Agentless Access: Third-party agencies, contractors, and vendors require secure, direct access to business applications and OT systems from unmanaged devices. ZPA provides secure, direct connectivity from authorized users to named applications without putting third parties on the network. With integrated agentless access, users can access applications from any browser, on any device, without the need to install a client or log into a VPN. VDI alternative: Traditional VDIs are often slow, unresponsive, and introduce significant costs with racks of servers needed in the data center to support remote access needs. ZPA provides secure, direct connectivity to apps over RDP and SSH, enabling a faster, more secure experience for users. With built-in agentless access through the browser employees and third-party users get seamless secure connectivity from any device without complicated desktop provisioning processes. Secure workload-to-workload connectivity: Agencies require fast, secure workload-to-workload connectivity across hybrid and multi-cloud environments. ZPA for Workloads reduces operational complexity and cost by eliminating the need for virtual DMZs and VPN meshes with least-privileged access-based connectivity across clouds. In addition, because workloads are hidden behind ZPA, they are invisible to the internet and impossible to attack. Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.

Zscaler Internet Access - Government (Secure Web Gateway - vTIC) - High

FedRAMP Authorized

Zscaler Internet Access Gov, part of the Zscaler Zero Trust Exchange, defines safe, fast internet and SaaS access with the industry's most comprehensive cloud native security service edge (SSE) platform. Zscaler's Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZIA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. Delivered as a scalable SaaS platform from the world's largest security cloud, ZIA eliminates legacy network security solutions to stop advanced attacks and prevent data loss with a comprehensive zero trust TIC 3.0 compliant approach, fully supporting the CISA approved Branch Office, Remote Users, and Cloud use cases with: Best-in-class, consistent security for today's hybrid workforce: When you move security to the cloud, all users, apps, devices, and locations get always-on threat protection based on identity and context. Your security policy goes everywhere your users go. Secure cloud-based telework solution: Migrate to a cloud-first, cloud-secure Trusted Internet Connections (TIC) 3.0 zero-trust architecture that can accelerate cloud migration, enhance user productivity, and improve support for cloud applications. Lightning-fast access with zero infrastructure: Direct-to-cloud architecture ensures a fast, seamless user experience. This eliminates backhauling, improves performance and user experience, and simplifies network administration - with no physical infrastructure, ever. AI-powered protection from the world's largest security cloud: Inline inspection of all internet and SaaS traffic, including SSL decryption, with a suite of AI-powered cloud security services to stop ransomware, phishing, zero-day malware, and advanced attacks based on threat intelligence from 300 trillion daily signals. Simplified management: Using a cloud native security solution infused with AI, streamlined workflows, and business focused policy creation frees up valuable time for your team to focus on strategic goals. Zscaler Internet Access includes a comprehensive suite of AI-powered security and data protection services to help you stop cyberattacks and data loss. As a fully cloud-delivered SaaS solution, you can add new capabilities without any additional hardware or lengthy deployment cycles. The modules available as part of Zscaler Internet Access are: - Cloud Secure Web Gateway (SWG) - Cloud Access Security Broker (CASB) - Cloud Data Loss Prevention (DLP) - Cloud Firewall & IPS - Cloud Sandbox - Digital Experience Monitoring (ZDX) Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.

Zscaler Internet Access - Government (Secure Web Gateway - vTIC)

FedRAMP Authorized

Zscaler Internet Access Gov, part of the Zscaler Zero Trust Exchange, defines safe, fast internet and SaaS access with the industry's most comprehensive cloud native security service edge (SSE) platform. Zscaler's Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZIA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. Delivered as a scalable SaaS platform from the world's largest security cloud, ZIA eliminates legacy network security solutions to stop advanced attacks and prevent data loss with a comprehensive zero trust TIC 3.0 compliant approach, fully supporting the CISA approved Branch Office, Remote Users, and Cloud use cases with: Best-in-class, consistent security for today's hybrid workforce: When you move security to the cloud, all users, apps, devices, and locations get always-on threat protection based on identity and context. Your security policy goes everywhere your users go. Secure cloud-based telework solution: Migrate to a cloud-first, cloud-secure Trusted Internet Connections (TIC) 3.0 zero-trust architecture that can accelerate cloud migration, enhance user productivity, and improve support for cloud applications. Lightning-fast access with zero infrastructure: Direct-to-cloud architecture ensures a fast, seamless user experience. This eliminates backhauling, improves performance and user experience, and simplifies network administration - with no physical infrastructure, ever. AI-powered protection from the world's largest security cloud: Inline inspection of all internet and SaaS traffic, including SSL decryption, with a suite of AI-powered cloud security services to stop ransomware, phishing, zero-day malware, and advanced attacks based on threat intelligence from 300 trillion daily signals. Simplified management: Using a cloud native security solution infused with AI, streamlined workflows, and business focused policy creation frees up valuable time for your team to focus on strategic goals. Zscaler Internet Access includes a comprehensive suite of AI-powered security and data protection services to help you stop cyberattacks and data loss. As a fully cloud-delivered SaaS solution, you can add new capabilities without any additional hardware or lengthy deployment cycles. The modules available as part of Zscaler Internet Access are: - Cloud Secure Web Gateway (SWG) - Cloud Access Security Broker (CASB) - Cloud Data Loss Prevention (DLP) - Cloud Firewall & IPS - Cloud Sandbox - Digital Experience Monitoring (ZDX) Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.

Zscaler Private Access - Government (Zero Trust Exchange - VPN Replacement)

FedRAMP Authorized

Zscaler Private AccessGov, part of the Zscaler Zero Trust Exchange, enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero-trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZPA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. TIC 3.0 Use Case Examples (Branch Office, Remote Users, and Cloud) Zero-trust VPN alternative: Legacy VPNs fail to deliver the security, visibility, and user experience today's distributed workforce requires. ZPA delivers fast, direct access to private apps by eliminating VPN traffic backhauling which creates latency, resulting in lost productivity. Secure Hybrid Workforce: Users require the ability to move fluidly between their homes, remote locations, branch offices, and headquarters. ZPA enables seamless and secure access to private apps from wherever they need to work, on any device. Local users benefit from an identical experience through an on-prem broker that replicate the policies and controls of the cloud. Third-party Agentless Access: Third-party agencies, contractors, and vendors require secure, direct access to business applications and OT systems from unmanaged devices. ZPA provides secure, direct connectivity from authorized users to named applications without putting third parties on the network. With integrated agentless access, users can access applications from any browser, on any device, without the need to install a client or log into a VPN. VDI alternative: Traditional VDIs are often slow, unresponsive, and introduce significant costs with racks of servers needed in the data center to support remote access needs. ZPA provides secure, direct connectivity to apps over RDP and SSH, enabling a faster, more secure experience for users. With built-in agentless access through the browser employees and third-party users get seamless secure connectivity from any device without complicated desktop provisioning processes. Secure workload-to-workload connectivity: Agencies require fast, secure workload-to-workload connectivity across hybrid and multi-cloud environments. ZPA for Workloads reduces operational complexity and cost by eliminating the need for virtual DMZs and VPN meshes with least-privileged access-based connectivity across clouds. In addition, because workloads are hidden behind ZPA, they are invisible to the internet and impossible to attack. Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.

X Clear SearchX Clear Filters

CG-TTS - Cloud.Gov

Authorizations

19

Reuse

18

Service Model

Impact Level

Status

FedRAMP Authorized

Mystic Message Archival

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

LibreView for US Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Abnormal AI for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Absolute Secure Endpoint Product Suite

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Absolute Secure Endpoint offers an agent-based endpoint resilience solution powered by Absolute Persistence®; a patented technology embedded in the firmware of over 600 million devices. This unique technology ensures an unbreakable connection between endpoints and the Absolute Secure Endpoint SaaS platform, serving as a trusted source of truth for device and application health. It automates self-healing for mission-critical applications and security controls while providing a robust lifeline for protecting at-risk devices and data. Organizations can locate, freeze, and wipe lost or stolen devices in accordance with NIST standards, enabling IT and security teams to enhance cyber resilience, strengthen security posture, and maintain compliance. Key Capabilities: The Absolute Secure Endpoint suite allows customers to remotely manage their endpoint devices through a Web UI (Customer Center (CC) Console) or Public APIs, delivering the following features: • Track Hardware: Monitor and manage device inventories. • Measure Device Usage: Analyze usage patterns to optimize resources. • Monitor Installed Software: Streamline compliance and software audits. • Assess Security Posture: Gain insights into endpoint security. • Monitor Critical Application Health: Ensure mission-critical applications run optimally. • Detect Unauthorized Device Movement: Prevent unauthorized access and data breaches. • Remotely Freeze Devices: Lock devices to prevent misuse. • Remotely Delete Data: Securely wipe sensitive information when necessary. • Enable Firmware Protection: Safeguard devices at the firmware level. • Make Critical Applications Self-Healing: Automatically restore essential applications. • Identify Sensitive Information on Devices: Detect and classify sensitive data. • Remotely Query & Remediate Devices at Scale: Address issues across large device populations. • Comply Module for Secure Endpoint: Strengthen endpoint compliance with advanced tools. Supported Use Cases: The suite addresses a wide range of operational and security challenges: • Device Lifecycle Management: Simplify provisioning, maintenance, and decommissioning of devices. • Automate Hardware Audits: Improve audit accuracy while reducing manual effort. • Automate Software Audits: Ensure software compliance across endpoints. • Improve Help Desk Efficiency: Speed up the resolution of device issues. • Find and Fix Vulnerabilities: Detect and remediate endpoint weaknesses. • Enforce Security Standards: Apply consistent security policies across the organization. • Detect Endpoint Risks: Monitor and respond to emerging threats. • Respond to Endpoint Risks: Execute rapid, effective countermeasures. • Provide Evidence of Compliance: Demonstrate adherence to regulatory standards. • GDPR Compliance: Protect personal data and meet privacy requirements. • Next-Generation Cyber Resilience: Defend against evolving cyber threats with advanced protection. • Enterprise Security and Compliance: Meet rigorous security and regulatory requirements. • Firmware-Embedded Resilience: Protect devices persistently at the firmware level. • Validation of Secure and Compliant Devices: Ensure only compliant devices access corporate networks. • Optimized Remote Work Security: Strengthen security for remote and hybrid work environments. • Automated Remediation for Incidents: Automatically address critical errors and system issues to ensure seamless operation and stability. With its innovative technology, advanced remediation capabilities, and comprehensive features, Absolute Secure Endpoint empowers organizations to build stronger, more resilient endpoint security ecosystems tailored to modern challenges.

Acadis Readiness Suite

Authorizations

9

Reuse

8

Service Model

Impact Level

Status

FedRAMP Authorized

Kiteworks Federal Cloud

Authorizations

18

Reuse

18

Service Model

Impact Level

Status

FedRAMP Authorized

The Kiteworks Private Data Network is a FedRAMP Authorized service at the Moderate Impact Level that provides data security, governance, and compliance capabilities. The service consists of the following core components and functions: System Components - Virtual private cloud (VPC) environment with dedicated servers for each customer - Encrypted file storage system - Data transfer protocols including SFTP, HTTPS, and SMTP - Authentication and authorization services - Audit logging and monitoring systems - Security scanning and threat detection services Core Functions - File transfer and sharing capabilities via web interface, email, SFTP, MFT, and APIs - Role- and attribute-based access control and user authentication - File encryption at rest and in transit using FIPS 140-3 validated cryptographic modules - Audit logging of all system and user activities - Integration with customer directory services (LDAP/Active Directory, etc., see below) - Multi-factor authentication support - DLP integration - Embedded antivirus Possessionless Editing (SafeEDIT) System Components and Functions - File streaming service for secure remote data access and collaboration - Data rendering system for file type conversion - Audit logging system for data interactions - Versioning system for file changes - Authorization validation service - File integrity verification system - Session management service - Access revocation controls - Activity monitoring system Security Features - Customer-managed encryption keys - Single-tenant deployment providing data isolation between customers - Continuous security monitoring and scanning - File-level role- and attributed-based access controls - Remote device management capabilities - Security event logging and reporting - Integration with customer SIEM systems Compliance Capabilities - Audit log generation and retention - Policy enforcement mechanisms - Compliance reporting tools - Data locality controls - Access tracking and monitoring - Chain of custody documentation Integration Interfaces - REST APIs for system integration and SCIM authentication support - SMTP interface for email services - SFTP/FTPS/CIFS/SMB interfaces for file transfer - LDAP/AD, SAML 2.0, Kerberos, PIV/CAC, time-based one-time password (TOTP) authenticators, SMS, and SFTP certificate connectors for authentication - SIEM integration for security monitoring - DLP and CDR system integrations - The system operates within a defined authorization boundary and undergoes continuous monitoring and regular security assessments in accordance with FedRAMP requirements. To learn more about what Kiteworks can do for government agencies, please visit: https://www.kiteworks.com/solutions/government/

Accenture Federal Cloud ERP

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Accenture Extended Detection and Response (XDR) for government

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Accenture Insights Platform (AIP) For Government

Authorizations

6

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

27

Reuse

28

Service Model

Impact Level

Status

FedRAMP Authorized

Actsoft Workforce Manager for Gov.

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Connect, Ozone, & Facial Recognition System (COFRS)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Acuant is a leading global provider of identity verification, regulatory compliance (AML/KYC) and digital identity solutions. Acuant's Trusted Identity Platform is powered by AI and human assisted machine learning to deliver unparalleled results and operational efficiency. Acuant Connect, Ozone and Facial Recognition System (COFRS) combines four product lines to fulfill the need to authenticate an individual against an identity document they present to establish a trusted relationship. COFRS is a Software as a Service (SaaS) solution that provides an extremely robust basis for identity proofing. The products together authenticate the physical and digital information protecting the authenticity and integrity of the document, provide an assessment of the degree of match of the individual to the photo(s) stored on the document, and perform presentation attack detection via liveness assessment of the individual performing the transaction. - AssureID Connect SaaS authenticates the physical security features of the document - Ozone eMRTD Authentication SaaS ensures the electronic data is cryptographically intact and digitally bound to a trusted issuing authority - Once the document has been determined to be authentic and unmodified from its initial issuance, Acuant FaceID Government SaaS performs a facial recognition match of the photo(s) from the document with the individual presenting the document - Acuant Passive Liveness SaaS performs presentation attack detection to thwart fraud Document authentication is vital part of confirming the identity of an individual. Authenticating a document requires reviewing the physical document for the presence of known security features;features which are specific to each document type and series from a given issuer. The security features that are found on the presented document then need to be compared against the expected/known security features for the specific document and its issuer. Additionally, with the advent of electronic identity documents, the electronic data stored on the document must be authenticated and validated using Public Key Infrastructure (PKI) components to cryptographically assess the data encoded in the chip of the document and their binding to the Issuer. Finally, to ensure the document belongs to the individual presenting the document, a biometric match comparing the image from the document to the individual should be made, and the liveness of the individual must be determined - especially in remote vetting situations.

SkyShaper Technologies

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Adobe Experience Manager Managed Services (AEMMS-GC)

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Adobe Learning Manager

Authorizations

2

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Adobe Connect Managed Services (ACMS-GC)

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Adobe Document Cloud including Adobe Acrobat, Adobe Acrobat Sign, and Adobe Acrobat Services (APIs)

Authorizations

6

Reuse

9

Service Model

Impact Level

Status

FedRAMP Authorized

Adobe Creative Cloud for Enterprise

Authorizations

10

Reuse

13

Service Model

Impact Level

Status

FedRAMP Authorized

Adobe Analytics

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Adobe Acrobat Sign for Government

Authorizations

11

Reuse

10

Service Model

Impact Level

Status

FedRAMP Authorized

Agile RTLS Suite (A-RTLS)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Aidin Post-Acute Referrals Module

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

AINS dba OPEXUS - eCase

Authorizations

47

Reuse

46

Service Model

Impact Level

Status

FedRAMP Authorized

Content Delivery Services

Authorizations

28

Reuse

371

Service Model

Impact Level

Status

FedRAMP Authorized

The Akamai Content Delivery Network provides an 100% available platform to improve the performance and customer experience of your web content while providing robust security protections for your infrastructure – all at the edge of the internet and at an unmatched global scale. Akamai’s solutions are configured through the Akamai Control Center customer portal or via APIs to automate your workflows. Akamai Intelligent Platform infrastructure solutions included in the JAB authorized boundary are: Security - WAAP, WAF, WEP Web Application and API protections powered by an adaptive security engine (ASE) help protect from a wide range of network and application-layer threats with less effort and overhead. This solution is built on our Intelligent Edge Platform and comes prebuilt with performance capabilities that are designed to ensure your websites, web applications, and APIs perform their very best. Cloud-based web application firewall (WAF) — which harnesses visibility across the platform to stop the most sophisticated denial-of-service (DoS), web application, and API-based attacks. Secure Content Delivery Network - for HTTP and HTTPS for delivering secure, high performing and highly available web applications and APIs at scale. Edge enterprise DNS Protection (with DNSSEC) and Global Traffic Management - designed so that Internet users can more reliably get to your websites or any other IP application. It applies an Internet-centric approach to global load balancing to provide high site availability and responsiveness to online user requests. NetStorage - Cloud Storage, cloud-based service designed to meet storage requirements while offering customers cost reduction and a simplified management effort. Globally distributed cloud-based storage that maximizes delivery and performance. Media Services Live - Media streaming services - enabling agencies to stream and provide content to their viewers. Providing a consistent, high-quality viewing experience across the broad variety of network types — fixed or mobile — at varying connection speeds, globally.

Alation Cloud Service

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Altana for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

92

Reuse

1073

Service Model

Impact Level

Status

FedRAMP Authorized

AWS US East/West

Authorizations

106

Reuse

968

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

26

Reuse

25

Service Model

Impact Level

Status

FedRAMP Authorized

Appian Government Cloud - High

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

AppOmni SaaS Security for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Apptio for Technology Business Management and Cloud Financial Management (TBM)

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Aqua Platform for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

The Aqua Platform for Government is a Cloud Native Application Protection Platform (CNAPP) comprised of fully integrated security and compliance capabilities that visualize, prioritize, and eliminate risk in minutes across the full software development lifecycle. Automated policies for shift-left prevention and runtime detection and response reduce your attack surface and mitigate active attacks—before damaging losses can occur. Aqua empowers customers to unleash the full potential of their digital transformation and accelerate innovation with the confidence that their cloud native applications are secured from start to finish, at any scale. The Aqua Platform is a full-suite cloud service offering that provides customers with the capability to scan, monitor, and manage applications, containers, virtual machines, and workloads, as well as to validate applicable compliance controls and regulations. The Aqua Platform comprises six different service modules, listed below, that provide various scanning and monitoring functionalities: Supply Chain: The Supply Chain module allows customers to perform container image and registry scanning, as well as to scan customer code, images and artifacts as a part of their build pipeline. Workload Protection: Deploys sensors and agents within a customer’s cloud environment to provide protection on customer-defined components via Enforcer functionality. CyberCenter: The CyberCenter service monitors scans and uses comparison against a database aggregated from multiple threat intelligence sources to identify vulnerabilities and malware within container images. Cloud Security Posture Management (CSPM): The CSPM module provides customers the ability to integrate with one or more cloud infrastructure accounts to scan the entire account, correlate events across the account, provide account-wide remediation, and monitor and write compliance controls across the account. From these scans, Aqua Platform for Federal provides customers with an overall score based on identified vulnerabilities and compliance with defined configuration policies. The CSPAAS service acts to allow interfacing between the USE and CSPM services within Aqua Platform for Government.

Armedia Content Cloud

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Armis FedRAMP Edition (AFE)

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Armis, FedRAMP Edition (AFE) is an agentless, enterprise-class security platform purpose-built to help organizations discover and secure managed, unmanaged, and IoT devices, including medical devices and industrial control systems (ICS). Armis discovers every managed, unmanaged, and IoT device in any environment, analyzes device behavior to identify risks, vulnerabilities or attacks, and protects critical business information and systems. Armis easily integrates with existing security products. AFE passively monitors wired and wireless traffic in the environment to identify every device and to understand its behavior without disruption. AFE analyzes this data in the AFE Risk Engine which uses device profiles and characteristics from the AFE Device Knowledgebase to identify each device, assess its risks & vulnerabilities, detect threats, and recommend remediation actions. Visibility: AFE closes the Continuous Diagnostic and Mitigation Dashboard visibility gap with unmanaged and IoT devices. AFE discovers and classifies every managed, unmanaged, and IoT device in the environment including servers, laptops, smartphones, VoIP phones, smart TVs, IP cameras, printers, 5G, HVAC controls, medical devices, industrial controls, and more. AFE can even identify off-network devices using Wi-Fi, Bluetooth, and other protocols in any environment. The comprehensive device inventory that AFE generates includes critical information such as device manufacturer, model, serial number, location, username, operating system, installed applications, and connections made over time. In addition to discovering and classifying a device, AFE calculates its risk score based on factors such as vulnerabilities, known attack patterns, as well as the behaviors observed of each device in the environment. This risk score helps security teams understand their attack surface and meet compliance with regulatory frameworks that require identification and prioritization of vulnerabilities. Insights: The AFE Risk Engine continuously monitors the behavior of every device in the environment for behavioral anomalies. Working with the AFE Device Knowledgebase, AFE compares the real-time behavior of each device with: - Historical device behavior - Behavior of similar devices in the Customer's environment - Behavior of similar devices in other environments - Common attack techniques - Information from threat intelligence feeds Actions: With these types of critical device and behavioral insights, AFE is able to identify threats and attacks. When AFE detects a threat, it can alert security teams and trigger automated action to stop an attack. Through integrations with network infrastructure, as well as the Customer's existing security enforcement points like Cisco and Palo Alto Networks firewalls, and network access control (NAC) products such as Cisco ISE and Aruba ClearPass, AFE can restrict access or quarantine suspicious or malicious devices. Easy Integration: AFE requires no agents or additional hardware to deploy. AFE integrates with existing firewalls or NAC, security management systems such as SIEM, ticketing systems, and asset databases. These integrations allow AFE to leverage existing investments to achieve greater value and more automated response.

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

9

Reuse

8

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

37

Service Model

Impact Level

Status

FedRAMP Authorized

Atlassian Government Cloud

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Atom Power, Inc - ATOM EVSE

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Masterworks Cloud Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

13

Reuse

12

Service Model

Impact Level

Status

FedRAMP Authorized

Autodesk for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Built on WordPress, the Content Management System (CMS) that powers 43% of the web, WordPress VIP provides a secure, compliant platform for management for government entities. With industry-leading security protocols, expert support, flexible architectures, plus 99.99% SLA, hourly backups, and reliable uptime, WordPress VIP takes the heavy lifting out of digitizing citizen services and modernizing legacy infrastructure. WordPress VIP is built on top of WordPress, an intuitive, easy-to-use CMS that many government employees already know. By adopting WordPress VIP, IT and technical staff can reduce the amount of support and training required to support their agency. But maintaining WordPress and ensuring the security of a WordPress setup can be challenging, and many solutions built on WordPress do not meet the exacting requirements of federal agencies. Security is WordPress VIP's chief priority. Our data security best practices include end-to-end encryption from edge to origin, resource and data isolation, and encrypted offsite backups. We address physical security through an independently owned and operated network of industry-certified global data centers. Every origin server meets the International Organization of Standardization (ISO), International Electrotechnical Commission (IEC) 27001 certification, Standards for Attestation Engagements (SSAE) No. 18 (SOC1) and SOC2 Type 2, and includes ongoing surveillance reviews. At the application level, every instance is protected with Single Sign-On, SSL/HTTPS/HSTS, required 2FA, and logging and auditing at the application, web server, load balancing, database, and operating system layers. WordPress VIP also fully manages updates and version and responds to any potential security issues immediately, easing the burden of ongoing security and maintenance and lowering total cost of ownership. While our stringent security protocols protect sensitive information, our intuitive and easy-to-use content management workflows make it easy to provide citizens with up-to-date, accessible, and accurate information. Even those with little technical knowledge can successfully navigate WordPress VIP's editing interface with minimal training.

Avature Limited

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Avaya Government Cloud

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Avaya OneCloud for Government is a government community cloud, FedRAMP Moderate authorized Unified Communications & Collaboration as a service (UCaaS) plus Contact Center as a service (CCaaS) cloud offering the following to government agencies: Government Community Cloud (GCC) - The Government Community Cloud is a preferred characteristic for Government wide solutions and it comes with less risk to Government agencies than other forms of cloud models (e.g. public). Better customization and security - The Service is a dedicated (not multi-tenant) Unified Communication (UC)/Contact Center (CC) cloud offering. Each agency is provided their own individual software stack/instance on a virtual platform that provides a highly customizable, reliable and secure environment. The Service is monitored and managed 365 x 24 x 7. Industry recognized Avaya Unified Communications (UC) software is at the heart of the Service providing enterprise quality UC features including telephony, unified messaging, mobility, instant messaging & presence plus audio, web and video collaboration. Secure full featured collaboration provides a reservation-less "Meet-me" audio, video and web collaboration virtual room with security code access and the ability to launch the bridge from any phone anywhere. Industry recognized Avaya Contact Center/Customer Experience applications are at the core of the CCaaS offer with composability via myriad Avaya ecosystem partners to deliver rich and effective customer experience solutions including, skills-based routing, CC reporting/management, call recording, quality monitoring, analytics, workforce management, workforce optimization, self-service with natural language speech recognition, proactive outbound calling, callback assistance, AI, chatbots, digital channels, etc. Emergency Calling Compliance - Kari's Law and Ray Baum’s Act compliance via optional emergency calling solution all authorized by FedRAMP. Predictable Operational Expense (OPEX) billing model underpins the Avaya OneCloud for Government service.

AvePoint Online Services for US Government (AOS-UG)

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

AvePoint Online Services for US Government provides centralized management, governance, backup, migration, reporting, information lifecycle management, and more for your multi-SaaS workloads all in one platform. When collaborating across workplace technologies, proper governance, security, and resilience approaches are critical. Native capabilities often fall short, leading to operational inefficiencies, increased risk, and difficulty assuring compliance. As AvePoint’s Confidence Platform for the Public Sector, AvePoint Online Services for US Government supplements these native capabilities to achieve comprehensive data management and governance, and ensure your organization is prepared for AI while driving usage, adoption, and maximizing return on investment. With AvePoint Online Services for US Government, public sector organizations can leverage the functionalities below to confidently navigate the complexities of modern digital collaboration, ensuring their data is secure, compliant, and efficiently managed. AvePoint Opus – Optimize cloud storage & manage information lifecycles for Microsoft 365 AvePoint tyGraph – Workforce analytics for Microsoft 365 AvePoint Virtual Assistant (AVA) - data recovery and AI chatbot Cense – License Management for Microsoft 365 Cloud Backup – Backup and protection for services in Microsoft 365, Microsoft Dynamics 365, Azure, Google Workspace, Google Classroom and Salesforce Cloud Governance – Structured cloud workspace control for Microsoft 365 Cloud Management – Automated Microsoft 365 administration Confide – Secure internal and external collaboration for complex projects Curricula – Corporate Learning Management System Elements – Mult-tenant management for Microsoft 365, Dynamics, Azure, Salesforce, and Google Workspace EnPower – Access management for Microsoft 365 Examena – Digital Assessment management Fly (SaaS) - SaaS based tenant-to-tenant migration solution to or within Microsoft 365 Insights – Security reporting for Microsoft 365 MyHub – Centralized collaboration Hub for Microsoft 365 Policies - Microsoft 365 security management and enforcement. ReCenter – End-user file restore for Microsoft 365 and Google Workspace

Avue Digital Services

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Avue is a web-based, outsourced, digital service delivery system offered by Avue Technologies Corporation; remotely-hosted in the Amazon GovCloud, and remotely-managed by Avue Technologies Corporation in Tacoma, Washington. The Avue service is provided through a single interface to handle all aspects of human capital management. Avue is a Software-as-a-Service (SaaS) cloud-based Human Capital Management and Operations Management platform. Avue is the leader in federal talent acquisition, talent management, talent science, and human capital technology solutions. The platform serves include a diverse array of agencies that include Title 5 and alternative personnel systems such as Title 38, Title 10, Title 32, and FIRREA. Avue is a native-federal HCM platform offered as a SaaS/cloud solution, with 99.9% uptime, since 2001. Avue's offering includes a five component solution: (1) the native federal enterprise SaaS platform, (2) highly expert Avue staff available online and onsite to ensure the platform is responsive to the client's operational needs, (3) embedded IT services that ensure all elements of the technology and data flow and operate seamlessly with the client's IT environment, (4) social media, communications, and marketing services for online-, mobile-, and social-media based talent acquisition, and (5) on-demand HR staff augmentation to add capacity and assist agency HR staff with Avue HR experts, in any location at any time. Avue's database contains job duties, skills, and competencies, developmental activities, training courses, performance standards, recruitment criteria and applicant assessment criteria, along with a range of other associated content. This database and its companion rules engines allow Avue to deliver services in a rapid and efficient manner while at the same time ensuring compliance with statutes and regulations, notably the Uniform Guidelines on Employee Selection Procedures, governing OPM and delegated examining regulations, and the federal Merit System. Avue's services are bundled with the database and technology platform in a manner that ensures delivery of the services are not only compliant but responsive to managemen'’s needs, quick, and superior in quality and result. Avue is HRLOB certified by OPM, OMB, and GSA for both Core and Non-Core HR services including Classification, Staffing and Recruitment, Performance Management, Enterprise Learning Management, Worker Compensation, Payroll, Time and Attendance, Benefits and Retirement Management, Organization Optimization, and Workforce Planning and Management - a total of 15 modules. Avue Technologies is currently interconnected to electronically post vacancies to USAJOBs and receive online application and with the National Finance Center (NFC) for personnel actions and workforce management activities.

Axiad Conductor

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

US Axon FedCloud - High

Authorizations

18

Reuse

17

Service Model

Impact Level

Status

FedRAMP Authorized

Axonius Asset Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Aztec Learning System

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

PMP Government-Gateway

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Bentley for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Cuick Trac Managed Enclave (CTME)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

BetterUp for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Secure Remote Access

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Bizagi Cloud for US Government

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

BlackBerry Cloud - AtHoc Services for Government (High)

Authorizations

22

Reuse

21

Service Model

Impact Level

Status

FedRAMP Authorized

Blackboard Learn SaaS

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Blink Network provides a comprehensive solution for electric vehicle (EV) charging, employing a container-based, microservices architecture to allow for the management of charging stations, as well as a wide array of host and driver services. Charger Services The core of the Blink Network revolves around its charger services, which include: Access Control and Billing: Users are authenticated and billed based on their usage. The system supports detailed billing that can differentiate between driver pricing and other billing factors. Charging Session History: Each charging session is logged, capturing details such as duration, energy consumed, and cost, enabling precise tracking and management. Charging Station Configuration: Administrators can configure charging stations remotely, setting parameters such as maximum output and scheduling. Customer Services To enhance the EV driver experience, Blink Network offers several customer-oriented services: Station Locator: Drivers can find available public charging stations via the network, ensuring they can charge their vehicles conveniently. Session Management: Drivers can start and pay for charging sessions directly through the platform, supported by a seamless payment gateway. Notification Alerts: Users receive notifications about their charging status and other relevant alerts, enhancing communication and user engagement. Station Management Station management is critical for operational efficiency and includes: Pricing Policy Management: Administrators can set and adjust pricing based on duration or kWh used, allowing for flexible and dynamic pricing strategies. Access Policy Settings: Stations can be configured for public, private, or mixed use. Public stations can be integrated with popular mapping services like Google and Apple Maps for easy accessibility. Reporting: Comprehensive reports are available, detailing transactions, energy usage, revenue, station utilization, and environmental impact metrics. Real-time Monitoring: Continuous monitoring of station status with alerts ensures high uptime and prompt response to issues. Driver Mobile App The driver-facing component of the Blink Network includes: Account Management: Drivers can manage their profiles, set notification preferences, and enter payment information for automated billing. Charging Management: The app provides functionalities to find stations, check availability, initiate, and pay for charging sessions, all in real-time. API Integration API capabilities are central to the system, facilitating: Charging Operations (OCPI): Supports authentication and control of charging sessions. Charger Information (OCPI): Delivers real-time data on charger status, tariffs, and locations. CDR and Reports (OCPI): Provides detailed reports on energy consumption, parking duration, and costs for effective management. Data Security Data integrity and security are prioritized with stringent measures for data at rest and in transit, including: Host Information: Only essential details are stored, ensuring privacy and compliance. Driver Information: Sensitive information such as credit card details are tokenized; actual card numbers are never stored. Charging Station and Session Details: Comprehensive logging includes all transactional data without compromising user privacy.

Bluescape for Government

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

BMC Helix in the AWS cloud accelerates agencies on their enterprise modernization journey. Organizations that are migrating to the cloud require a process that is seamless, successful, and uncompromising on security. This is particularly important to federal agencies that are experiencing ever-changing and demanding missions. Some highlights of the BMC solution include but are not limited to: * BMC Helix Portfolio Management – A comprehensive graphical tool that seamlessly connects Project and Portfolio Management with idea sourcing, idea management, and demand generation * BMC Helix Operations Management with AIOps – Predictive IT with AIOps, with service-centric monitoring, advanced event management, root cause isolation, and intelligent automation to improve performance * BMC Helix Continuous Optimization – Predictive analytics to manage IT resources with support for Kubernetes and pods, microservices, containers, and multi-cloud * BMC Helix Discovery – Discovery and dependency modeling delivers instant visibility into hardware, software, and services across multi-cloud, hybrid, and on-premises environments * BMC Helix ITSM (with Digital Workplace) – The gold standard in service management (previously authorized – now updated to v21.3) BMC Helix empowers organizations to: * Enable proactive service resolution, providing the ability to monitor, service, and remediate events as they occur * Accelerate agency enterprise modernization * Drive innovation as part of their digital transformation * Reduce costs and increase efficiencies * Deliver the industry-leading enterprise service management SaaS solution from the AWS cloud * Deliver the industry-leading enterprise operations management with AIOps SaaS solution from the AWS cloud * Leverage a modern persona based UX optimized across devices * Manage with powerful, stunning reports and visualizations allowing data driven insights Optimized for ITIL® 4, a leader in the Gartner Magic Quadrant for IT Service Support Management Tools and optimized specifically for government agencies, BMC Helix is hosted in the FedRAMP compliant Amazon Web Services (AWS) cloud and can be tailored to the needs of any agency with rapid implementations, flexible configuration, huge scalability and easy upgrades. Agencies using this service * Corporation for National & Community Service (CNCS) * Department of Agriculture * Office of Personnel Management * United States Forest Service

Apricot for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

2

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Boomi AtomSphere is a cloud-native integration Platform-as-a-Service (iPaaS) technology that lets you connect everyone to everything. As a SaaS - based technology it is faster, easier to use, less costly, and more flexible than legacy integration tools and techniques. As a pioneer and leader in Gartner's Enterprise iPaaS Magic Quadrant for 8 years in a row, the Boomi SaaS AtomSphere Platform has been solving the needs of government customers with end-to-end capabilities by integrating applications, systems, and connecting people. Boomi delivers in three key areas for our customers: - Modernization and Digital Transformation: Boomi is a key part of any modern IT foundation and enables the transformation of operations, ensuring proper connectivity and smooth data exchange when applications and infrastructure are migrated and consolidated. - Accelerating Cloud Smart Adoption: Speeding up cloud adoption to boost operational efficiency and implement shared services to foster collaboration and increase engagement. - Improving Constituents' Experience: Bringing together workforce processes and workflows from across organizations for a streamlined approach to customer experience and serve employees, partners, contractors, and citizens better. Covered by our FedRAMP Authorization are the following cloud products: - Integration: Overcome IT complexity and break down data silos by integrating on-premises and cloud application, various data sources and devices with Boomi Integration. Create a fabric of connectivity to unlock productivity and thrive within your digital technology foundation. Boomi Integration accelerates time to value leveraging a drag and drop UI, data mapping tools, and a comprehensive library of connectors, coupled with support for various integration patterns enable you to build any integrations with exceptional speed. - Master Data Hub (MDH): Boomi Master Data Hub is a cloud-native master data management (MDM) solution that sits at the center of the various data silos within your organization - including your existing MDM solution, to provide you an easy to implement, scalable, flexible, and secure master data management hub as a service. - API Management (APIM): Boomi API Management supports the full lifecycle of APIs in a hybrid environment. Configure APIs and expose real-time integrations effortlessly. Centrally test and deploy APIs and enforce contracts and policies with an API gateway. Monitor the health of APIs with usage dashboards and engage API developers using the catalog and developer portal. - B2B/EDI Management: Effectively integrate with your vendors, suppliers, distributors, partners, and marketplaces to simplify processes and trade smarter. Built-in support for a wide variety of traditional and modern EDI standards including XML, X12, EDIFACT, HC7, RosettaNet, Tradacoms, as well as the ability to define custom standards. - Flow: The drag-and-drop interface simplifies how agencies connect data across systems, replace manual processes, and collaborate cross-functionally. Flow allows you to build applications at scale, easily connect your data and flexibly deploy apps anywhere they are needed. - Boomi Managed Cloud Services (MCS) leverages the Boomi Public Cloud solution and provides further isolation and ancillary services in support of a Boomi Private Cloud. The service has been engineered to address security at three distinct points: network, application, and data; this three-tiered security approach is designed to protect data from unauthorized parties, keep it safe in transit and at rest, and allow customer access as needed. Boomi manages all aspects of MCS runtime instances, sparing MCS customers any work involved in configuring, monitoring, and managing hardware and software for Boomi processes.

Supply Chain Master Catalog (SCMC) Government Cloud Solution

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Box Enterprise Cloud Content Collaboration Platform

Authorizations

41

Reuse

41

Service Model

Impact Level

Status

FedRAMP Authorized

Omega Charge Management System

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Asset Management Suite (AMS)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Symantec Gov Cloud Security (GCS) - High

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Symantec Gov Cloud Security (GCS) is designed to provide security to U.S. government agencies’ networks and protection for their information. It leverages common foundational components that support several individual Symantec cloud services in a single boundary. The following Symantec solution(s) are FedRAMP authorized: - Symantec Gov Cloud – Web Protection Symantec Gov Cloud – Web Protection, which includes the Symantec Cloud Secure Web Gateway (Cloud SWG), allows federal agencies to apply network security policies across web and cloud applications. It helps protect users with web and cloud security services that connect all devices to a FedRAMP-authorized intelligent control point for high-performance, cloud-based threat protection services. Configure and enforce web and cloud application access-control policies that streamline security operations and reduce operational and maintenance costs, while also improving user productivity. - Deliver the foundation for a complete Security Service Edge (SSE) solution through a single SKU. - Authenticate users and enforce user, group, and location-based security controls, regardless of their location or device. - Simplify the user experience through a single agent that orchestrates inspection through multiple layers of security. - Control employee access to Shadow IT cloud apps (unsanctioned cloud applications) to reduce the attack footprint, and ensure security, while maintaining productivity. - Deliver a proxy-based architecture that delivers Secure Web Gateway and Advanced Threat Protection that terminates, inspects, and controls high volumes of web and cloud traffic, even when it is SSL/TLS encrypted. - Set policies based on website content-based classifications and threat risk levels for consistent and acceptable use and prevent users from accessing known and unknown malicious sites. - Classify URLs in 80+ categories covering more than 50 languages for comprehensive analysis and threat detection. - Enable application-level point-to-point connectivity, cloaking all resources from the end-user devices and the internet. - Block high-risk and advanced threats with multilayer file inspection to prevent the download of malicious files that will compromise the agency’s security. - Threat Risk Levels – Set web access policies based on a URL’s relative level of threat risk. Symantec Gov Cloud – Web Protection delivers an added layer of protection that actively safeguards an agency’s digital assets. User-based licensing of Symantec Gov Cloud – Web Protection provides the option to also deploy any number of on-premises appliances (physical or virtual), depending on an agency’s use case for either a full cloud, on-premises Edge SWS, or hybrid solutio

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Canon Office Cloud – Managed Print Services

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Casepoint Government

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Cellebrite Government Cloud (CGC)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Gen3 Data Ecosystems Platform

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Gen3 Data Commons Service

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Customer Feedback Management System (CFMS)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Momentum Enterprise Suite

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

CGI Federal IaaS Cloud

Authorizations

12

Reuse

11

Service Model

Impact Level

Status

FedRAMP Authorized

Sunflower Asset Management Cloud (SAMC)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Electric Vehicle Infrastructure Platform for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Check Point Infinity Platform for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Check Point Infinity Platform for Government is designed to provide a robust, unified cybersecurity solution tailored to meet the stringent security and compliance requirements of federal agencies. This platform integrates advanced threat prevention, secure email, and centralized management capabilities to safeguard federal data and systems against evolving cyber threats. The initial package includes the following components: Harmony Email: This solution provides advanced protection for email such as Microsoft 365 and GMail, against phishing, malware, ransomware, and account takeover attacks. It ensures secure communication and collaboration for federal agencies by leveraging AI-driven threat detection and prevention. ThreatCloud AI: ThreatCloud AI serves as the backbone of Check Point's threat intelligence ecosystem. It aggregates and analyzes global threat data in real-time, enabling proactive identification and mitigation of threats. ThreatCloud ensures that federal systems are continuously updated with the latest threat intelligence to prevent zero- day attacks and other sophisticated cyber threats. Infinity Portal: The Infinity Portal acts as a centralized management console, providing federal agencies with a single pane of glass to manage their cybersecurity posture. It enables streamlined policy enforcement, real-time monitoring, and comprehensive reporting, ensuring compliance with federal security standards. System Functionality and Use Case The Check Point Infinity Platform for Government is designed to: Protect Federal Systems and Data: By integrating advanced threat prevention and real-time threat intelligence, the platform safeguards federal systems against known and emerging cyber threats. Enhance Collaboration Security: Harmony Email and Collaboration ensures secure communication and collaboration within and across federal agencies, reducing the risk of data breaches and unauthorized access. Simplify Security Management: The Infinity Portal provides centralized visibility and control, enabling federal IT teams to efficiently manage their cybersecurity infrastructure and maintain compliance with federal regulations. Support Cloud-First Initiatives: The SaaS-based architecture aligns with federal cloud adoption strategies, providing scalability, flexibility, and cost efficiency. Federal Data Stored, Processed, or Transmitted: The "Check Point Infinity Platform for Government" is designed to handle various types of federal data, including: Personally Identifiable Information (PII): Such as employee or citizen data processed through email and collaboration tools. Sensitive But Unclassified (SBU) Data: Including internal agency communications, reports, and operational data. Controlled Unclassified Information (CUI): Such as data related to federal programs, contracts, or research that requires safeguarding. Threat Intelligence Data: Aggregated and analyzed within ThreatCloud to enhance the security posture of federal systems. The platform ensures that all data is stored, processed, and transmitted in compliance with federal security standards, including encryption in transit and at rest, access controls, and continuous monitoring to detect and respond to potential threats.

Chronus for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

19

Service Model

Impact Level

Status

FedRAMP Authorized

CirrusMD Virtual Health Chat for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Spaces for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

AppDynamics GovAPM

Authorizations

1

Reuse

35

Service Model

Impact Level

Status

FedRAMP Authorized

Cisco Unified Communications Manager Cloud for Government (Cisco UCM Cloud for Government)

Authorizations

8

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Cisco Unified Communications Manager Cloud for Government (Cisco UCM Cloud for Government) is a complete unified communications service from the Cisco Cloud. It is built to provide government-level security so that organizations can collaborate with anyone, anywhere, on any device. The service is hosted by Cisco, sold by Cisco Powered partners. Cisco UCM Cloud for Government provides these core services: Voice and Video Calling:Simplify with industry-leading voice and video as a service. Cisco UCM Cloud for Government provides voice and video call control and supports Cisco's newest voice and video endpoints ranging from desktop phones, immersive video rooms and mobile and desktop clients. Voicemail and Integrated Messaging:Access messages the way you prefer from your desk phone, mobile phone, or desktop client. Instant Messaging and Presence:Cisco Jabber lets you find the right people, see if and how they are available, and collaborate using your preferred method. Use Cisco Jabber for presence, instant messaging (IM), voice and video calling, voice messaging, desktop sharing, and conferencing. Single App Experience:Webex for Government and Webex App allows customers to call, meet, and message on any device with a single unified application from Webex. Webex App brings together Cisco UCM Cloud for Government call control along with market leading Webex Meetings technology and advanced team collaboration capabilities including persistent messaging and file sharing. Conferencing:Use Cisco conferencing solutions to meet and manage meetings and projects in real time, to present, share, or collaborate from anywhere, anytime, on any device. Mobility:Cisco UCM Cloud for Government gives your mobile and remote users the freedom to be productive from anywhere, on any device. Give users one number to dial, redirect incoming calls to designated phones, move calls between a Cisco desktop and mobile phones, create personalized access lists, and give access to all your corporate collaboration features from mobile phones using Webex App or Cisco Jabber.

Cisco Cloudlock for Government

Authorizations

1

Reuse

35

Service Model

Impact Level

Status

FedRAMP Authorized

Cisco Meraki for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Webex for Government

Authorizations

35

Reuse

34

Service Model

Impact Level

Status

FedRAMP Authorized

Webex for Government addresses the U.S. public sector’s collaboration needs in a single, secure package, relieving customers of the complexity of managing multiple point products from different vendors. The Webex for Government Suite provides a core set of capabilities that enable a hybrid workforce to collaborate securely and effectively from anywhere, on any device, and with anyone. Those core capabilities include: • Webex for Government Meetings simplifies your company’s workflows at scale. Equip your team with the most powerful tool to meet and exceed your agency’s goals. • Webex for Government Messaging keeps work flowing in between meetings with rich messaging and secure file sharing for continuous teamwork. • Webex for Government Calling is a proven cloud calling solution that delivers enterprise-grade calling functionality, enabling you to replace your on-premises PBX network with a globally trusted cloud calling solution. Webex Calling also provides powerful tools like voice queues and call routing to strengthen customer relationships. • Webex for Government Webinars simplifies webinar delivery and drives engagement with immersive content and interactive audience experiences. • Webex for Government Control Hub provides a centralized and comprehensive administrative portal for all your collaboration services. Whether you need to collaborate with remote colleagues, reach hybrid users, host webinars, address customer complaints, or offer technical support remotely, the Webex for Government Suite is the secure, compliant, collaboration solution. With Webex for Government Suite, you can reimagine your work by optimizing collaboration through AI-enabled software and hardware. It also helps you to reimagine your workspaces through collaboration devices that are purpose-built for your diverse needs and spaces. This collaboration solution can take your hybrid work setup from “good enough” to one that empowers your teams to collaborate seamlessly and securely so that you can focus on delivering additional business outcomes.

Cisco Umbrella for Government

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Cisco Umbrella for Government is a Cloud driven Secure Internet Gateway that provides protection from Internet based threats, for users wherever they go. Umbrella’s network is capable of processing billions of requests per day, analyzing and learning internet activity to determine where attacks are being staged, so it can block requests to unwanted and malicious destinations before a connection is even established. Cisco Umbrella for Government is a SaaS environment hosted on AWS GovCloud providing Cisco Umbrella services to government customers. Umbrella services hosted within Cisco Umbrella for Government are based on Cisco product lines available to end customers. The Cisco Umbrella for Government environment is designed and operated based on security compliance and operations best practice by automating the build and operational processes as much as possible using Infrastructure as Code (IaC), CIS benchmarks, vulnerability scanning, continuous monitoring of critical security controls and a managed system development process to obtain initial and continuous FedRAMP Moderate Approval to Operate (ATO). With the initial ATO, Cisco will be launching DNS-layer-security initially, GovDNS: DNS-layer security helps protect customers users on and off the network by stopping threats over any port or protocol before they reach customer network or endpoints. This will be followed by Secure Web Gateway, Cloud delivered Firewall, CASB, and DLP features. Cisco Umbrella for Government is hosted within AWS GovCloud as the Cloud Service Provider (CSP) which assures product lines are maintained in a secure and trusted environment. Umbrella for Government boundary includes the Production environment consisting of virtual compute, storage, databases, and internal management web applications. Umbrella for Government’s external Identity Provider (IdP) Okta (IDaaS Regulated Cloud) is used in tandem with AWS IAM supporting Single Sign-on (SSO) services. Duo Federal is used for multifactor authentication (MFA). Cisco Umbrella for Government meets GovCloud Moderate requirements with specific categorization of Moderate Confidentiality, Moderate Integrity, Moderate Availability (M-M-M) with no privacy data overlay based on the FedRAMP Federal Information Processing Standard (FIPS) 199 Categorization Template. Cisco Umbrella for Government is designed with defense-in-depth protection for hosted applications and workloads using network filtering, multifactor authentication, transport layer security, data-at-rest protection, near real time audit collection and analysis, intrusion detection, vulnerability analysis and system backups.

Cisco ThousandEyes for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Cisco Catalyst SD-WAN for Government (SDWAN-G)

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Cisco Catalyst SD-WAN for Government (SDWAN-G), powered by Cisco Viptela/IOS XE, is a highly secure, cloud-scale architecture that is open, programmable, and scalable. All vetted and monitored through the rigorous FedRAMP authorization process. Use it to connect data centers, branches, campuses, and colocation facilities to improve network speed, security, and efficiency. Cisco Catalyst SDWAN-G is a cloud-delivered overlay WAN architecture connecting branches to data centers and multi-cloud environments through a single fabric and single pane of glass. Cisco Catalyst SDWAN-G helps ensure a predictable user experience for applications optimized for SaaS, IaaS, and PaaS connections. Comprehensive on-premises and cloud-based security protect against cyberthreats while enabling IT teams to accelerate the transition to a Secure Access Service Edge (SASE) architecture where and when it is needed. Cisco Catalyst SD-WAN Government (SDWAN-G) is owned, operated, and supported directly by Cisco for use in government offerings, providing the following capabilities: - Enhanced Visibility: Extend your network visibility and observability with our core government self-service portal. You'll gain actionable insights to help you transform network operations from reactive to highly proactive model. - Right Security, Right Place: On-premises or cloud-based security with secure SDWAN-G helps to accelerate the transition to a secure access service edge (SASE) architecture where and when it's needed. - Operational Simplicity: With a highly visualized interface and intuitive user experience for simplified configuration, management, operation, and monitoring across the Cisco Catalyst SDWAN-G fabric. The Cisco Catalyst SDWAN-G solution comes with pre-configured templates to automate and expedite the deployment of most common use cases. Guided step-by-step configuration designed to intelligently expedite onboarding of new devices, and full integration of unified communication, and security into Cisco Catalyst SDWAN-G. The Cisco Catalyst SDWAN-G solution is segregated into four planes with four key components: Manager - In the management plane, the Cisco Catalyst SD-WAN Manager is the centralized network management system and represents the user interface of the solution. Network administrators and operators can configure, provision, troubleshoot, and manage the entire overlay network from a simple graphical dashboard. Validator - In the orchestration plane, the Cisco Catalyst SD-WAN Validator automatically orchestrates connectivity between edge devices and Controllers. The Validator is largely responsible for the provisioning process as well as first-line authentication, control/management information distribution, and facilitating Network Address Translation (NAT) traversal. Controller - In the control plane, the Cisco Catalyst SD-WAN Controller is the component responsible for enforcing policies centrally. When branches come online, their routing information is exchanged with the Controller and not directly with other branches. The Controller works with the Validator to authenticate edge devices as they join the network and to orchestrate connectivity among the edge devices. Edge Devices - In the data plane, the Edge devices are responsible for establishing the network fabric and handle the transmission of data traffic. Edge devices come in multiple forms, virtual and physical, and are selected based on the connectivity, throughput, and functional needs of the site. The operating system of the Edge devices is securely developed and tested as part of Cisco’s Secure Development Lifecycle (CSDL) prior to releasing a version for the customer to deploy. In-boundary scanning of the operating system deployed with Edge devices for Cisco Catalyst SDWAN-G are scanned as part of Cisco’s continuous monitoring strategy. Collectively, the architecture of the Cisco Catalyst SDWAN-G fabric simplifies IT operations with automated provisioning, unified policies, streamlined management to help ensure rapid updates and resolutions, advanced network functionality, resiliency, and security. From a single pane of glass, Cisco Catalyst SDWAN-G helps organizations avoid complex configurations and frequent policy changes that lead to uneven user experiences, thereby increasing overall network efficiency and reliability.

Citrix for Government

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Social Media Archiving

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Clarivate Intellectual Property AI & Image Search Platform (CIPAI-ISP)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Cloudera for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Cloudera for Government is a secure and governed cloud service platform that offers a broad set of enterprise data cloud services with data analytics and artificial intelligence functionality. With Cloudera for Government, users can create and manage secure data lakes, self-service analytics, and machine learning services without installing and managing the data platform software. Cloudera for Government services are managed by Cloudera, but the customer’s data remains under their control in their AWS cloud account. Cloudera for Government lets customers: • Control cloud costs by automatically spinning up workloads when needed, scaling them as the load changes over time and suspending their operation when complete. • Isolate and control workloads based on user type, workload type, and workload priority. • Combat proliferating silos and centrally control customer and operational data across multi-cloud and hybrid environments. Cloudera for Government contains several layers of infrastructure, operations software, networks, and the CDP services. The two primary components of the solution are the CDP Control Plane and the Customer Workload Environment. The CDP Control Plane provides a set of core services that perform several functions across the platform. Control Plane services are implemented in a microservice architecture running on Kubernetes. These services can be configured and scaled independently based on their function. Each service performs a specialized function, and services can also communicate with other services within the Control Plane. Each set of microservices that performs a specific function is isolated from other sets of microservices. This segregation permits each set of microservices to have its own identity, allowing for differentiation of access between system components. The Workload Environment is a cloud account that has been associated with a customer tenant inside the Control Plane. A tenant is a group of users that share access to a specific set of resources and a billing relationship with Cloudera. In general, each Cloudera for Government customer is a single tenant, but large organizations may have multiple tenants. When a CDP service, such as a data lake, gets created, it gets created within a Workload Environment. The customer Workload Environment is separate from the Control Plane and resides within the customer’s AWS account outside the system authorization boundary.

Cloudflare for Government

Authorizations

17

Reuse

46

Service Model

Impact Level

Status

FedRAMP Authorized

SafeShare (SFS)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

System Functionality: SFS is a zero-trust data security, sharing, and collaboration web platform that uses Cocoon Data-patented technology called Secure Objects to apply the principles of least privilege to the document level. SFS is a system similar to services such as Google Drive or Box. It enables the customer to securely share files and collaborate on them within the SFS web app. The difference is in how SFS implements encryption and the concept of zero-trust security with these files by encapsulating them in Cocoon Data-patented technology called Secure Objects. Each file has a unique encryption key tied to identity and access controls attributes such as clearance and classification. The SFS SaaS solution allows customers to securely store, share, and control access to encrypted files and folders within the customer’s organization, outside the authorization boundary, and from mobile devices through a self-contained unit called an “organization.” An organization (deployed customer tenant) is self-contained, meaning that the sharing and manipulation of content is handled solely within the scope of the organization itself; therefore, any SFS user’s ownership of content (including permissions to access the customer’s content/data) is specific to each organization. Through the implementation of Secure Objects, the identity of the user is validated through the identity provider (Lightweight Directory Access Protocol [LDAP], Personal Identity Verification [PIV], etc.) that ties the identity of the data owner to its associated encryption keys. Secure Objects must be associated with a key (for encryption) and an originator (data owner). Customers have the option to designate collaborators, metadata, and apply extensive access controls to their data. SFS is available to customers with two options for tenancy: Customers may use the shared tenancy option where they receive their own Organization within the SFS application. This option logically separates customers within the SFS application but each file is encrypted using Cocoon Data’s proprietary Secure Objects technology and the Cocoon Data Content Crypto Service cryptographic module (CMVP# 4307). Customers may opt for the private tenancy option where they receive their own instances of the SFS Application. The customer would have their own custom URL for logging into the system and their own dedicated infrastructure. This option allows the customer to set up multiple Organizations as they see fit to further control which of their users can access what files they’ve uploaded to SFS. The private tenancy option is the recommended option for Federal Agencies as it offers the strongest separation measures from other customers. The services/functions provided to the customer by SFS are delivered via containerized services. Containerization is used across multiple availability zones for redundancy. The containers that run the service are the Content Service, Access Service, GeoFence Service, Notification Service, Web Service, Office Server Service, API Server, etcd, Controller and Scheduler. Content Service The Content Service contains the FIPS validated Cocoon Data Content Crypto Service (Certificate #4307). This service is responsible for handling the encryption keys, content encryption, version control, integrity checks and overall management of the data. Access Service The Access Service contains the Cocoon Data Access Service. This service is responsible for the access control to the Cocoon Data system, internal authentication, external LDAP authorizations, and SAML 2.0 authentications. It is also responsible for determining if a user has access to files or not based on a multitude of factors including but not limited to; clearances and classification, geographic location of the user and geofencing, user security roles, and security permissions. The scope of access to documents can also be further restricted so that users with access will only be able to perform specific actions on the file. An example would be giving a user view, but not download permissions.

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Cofense PhishMe

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Cofense PhishMe enables organizations to improve employee resiliency to phishing attacks through real-life simulated phishing scenarios. Thousands of the world's largest organizations in both public and private sector rely on PhishMe to condition employees to recognize and report phishing attacks. PhishMe enables trained awareness and compliance personnel to run simulated attacks using email templates that look like actual phishing attacks and includes on-the-spot educational content that displays when recipients click on one of the simulated phishing emails. For example, a scenario email might alert recipients that their (e.g. banking) credentials were compromised and ask the recipients to click a link in the email to reset their password. If a recipient does click the link, PhishMe displays educational content to help that individual recognize the characteristics of a phishing email. Through these safe examples, PhishMe customers can help their employees develop an awareness of the risks that real phishing emails pose and reduce their susceptibility of engaging with such emails in the future. To maximize the effectiveness of simulation campaigns and reduce the burden on awareness teams, Cofense PhishMe provides a combination of unique capabilities: - Content is based on real phishing attacks gleaned from real threat intelligence. That means that the scenarios you run are as realistic as possible, ensuring your organization is conditioned to the latest threats. - Responsive Delivery allows simulation operators to deliver phishing simulations while the user is active in their inbox, which drives higher scenario engagement. - Predefined playbooks with scenario recommendations based on user behavior and best practices. - PhishMe helps organizations transform their employees into the last line of active defense against phishing attacks - the leading cause of data breaches - through education, ongoing simulations, and an easy to use reporting tool, Cofense Reporter, so organizations can swiftly detect, respond to and thwart phishing attacks in their tracks.

LambdaX Contract Lifecycle Management (CLM) for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

LambdaX is an AI-powered Contract Lifecycle Management (CLM) platform developed by Cognitus, designed to support the creation, negotiation, execution, management, and analysis of contracts. As a Cognitus product, LambdaX combines industry expertise with cutting-edge AI to deliver a robust solution tailored for government agencies, contractors, enterprises, and organizations requiring secure and efficient contract management. LambdaX offers a comprehensive suite of tools and features to streamline the entire contract lifecycle and can be deployed in various environments to meet FedRAMP-compliant security requirements. Core Functionalities: - Contract Creation – Tools for drafting, authoring, and assembling contracts, including support for templates and clause libraries. - Contract Negotiation and Collaboration – Features for internal and external collaboration on contract terms, including version control, redlining, and audit trails. - Contract Approval Workflows – Configurable workflows for routing contracts through internal and external approval processes. - Contract Execution – Support for electronic signatures and secure storage of executed contracts. - Contract Management – A centralized repository for storing and managing contracts, with search and reporting capabilities. - Obligation Management – Tracking of key dates, deliverables, and milestones within contracts. - Contract Analytics – Reporting and analytics on contract data, including risk assessment and performance metrics. - AI-Powered Features – Proprietary AI models developed by Cognitus enable: - Contract clause extraction and analysis. - Risk assessment and identification of non-standard clauses. Enterprise Integration: LambdaX provides API-based integration with external systems, ensuring smooth interoperability with enterprise platforms, including SAP, Salesforce, and other major ERP/CRM solutions. Security & Compliance: Built with Cognitus’ industry-leading security framework, LambdaX ensures compliance with FedRAMP, CMMC, and other federal security standards. Key security features include: - Role-Based Access Control (RBAC) – Granular control over user permissions and data access. - Multi-Factor Authentication (MFA) – Enhanced security for user authentication. - Encryption in Transit – All communication is encrypted using TLS 1.2 or higher. - Encryption at Rest – Data is encrypted using FIPS 140-2 validated cryptographic modules (where applicable). - Audit Logging – Comprehensive audit trails track all user activity and system events.

Cohesity Cloud Services for Government

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Collibra Data Intelligence Cloud (CDIC)

Authorizations

8

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Commvault Cloud for Government

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Complete Discovery Source Federal Cloud (CDS-F)

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Concur Cloud for Public Sector

Authorizations

19

Reuse

18

Service Model

Impact Level

Status

FedRAMP Authorized

Concur Cloud for Public Sector is a multi-tenant government-community cloud environment that hosts SAP Concur’s extensive suite of travel and expense cloud solutions, hosted on AWS GovCloud Infrastructure. Concur Cloud for Public Sector is designed for the U.S. Public Sector, managed by SAP Concur personnel on U.S. soil, and ensures data security, confidentiality, and availability without compromising usability standards of travel and spend management solutions. SAP Concur U.S. soil requirements do not necessarily extend to external services leveraged by Concur Cloud for Public Sector. Customers can be federal, state, local, tribal, territorial, federally funded research centers (FFRDCs), contractors working on behalf of the government, or lab entities. Concur Cloud for Public Sector provides a comprehensive environment the complex processes of government travel and expense. Users are able access the Federal Travel Regulation (FTR) and the Joint Travel Regulation (JTR) compliant Concur Cloud applications via standard web browsers or on smartphone with our SAP Concur mobile app. Concur Cloud for Public Sector brings commercial functionality and scalability to government agencies while still meeting government-mandated security and regulatory needs. Concur Travel and Expense: Includes a web application portal to communicate with system users and provide access to all services. The web application gives users the ability to facilitate travel booking services, change travel reservations, and authorize travel. From expense reports to pre trip approvals and expense reimbursements, the web application provides accurate accounting to government systems in compliance with the Federal Travel Regulation (FTR) and the Joint Travel Regulation (JTR). Users access applications within Concur Cloud for Public Sector by using standard web browsers via a URL or by using SAP Concur mobile applications for supported smart phone and tablet computer platforms. All data collected by SAP Concur applications is made available to customers via reporting enabled by the Cognos reporting tool that provides reports and the ability to create and/or manage new reports. ConcurGov: SAP Concur's travel and expense solution provided to US Federal Civilian customers under the ETS2 contract. ConcurGov includes a few additional services from CTE, such as GovPay, within Concur Cloud for Public Sector. Global Distribution Systems (GDSs): Travel content aggregators that sell content on behalf of airlines, hotels, rail, and rental car companies. Many organizations that provide travel services sell their content only through one or more GDS. Direct Connect Providers: Travel providers (airlines, hotels, rail, and rental car companies) that do not use GDSs but instead sell their travel content directly. Travel Management Companies (TMCs): Travel management companies that book travel on behalf of agency users, provide reservation fulfillment, reporting, and mid- and back-office systems as part of the entire end-to-end travel reservation process. E-Receipt Providers: Travel providers (airlines, hotels, rail, and rental car companies) that electronically transmit electronic receipts to SAP Concur for inclusion in travel voucher requests. Other Services: The following SAP Concur CTE products and services are available in CCPS: Advanced Care Budget Central Reconciliation Client Web Services Company Bill Statements Consultative Intelligence Custom Connector - Expense Detect by Oversight Concur Travel (Direct and Indirect) Essential Care Concur Expense ExpenseIt Extract Services Intelligence Production Sandbox Environment Concur Request SAP Integration Select Care Concur Travel & Expense TripLink User Support Desk for Public Sector

Confluent Cloud for Government (CCG)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Enterprise Cloud Fax Government (ECFax)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Valiantys Federal (Formerly Contegix)

Authorizations

4

Reuse

11

Service Model

Impact Level

Status

FedRAMP Authorized

Storm Cloud Contact Center

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Copado GovCloud

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Project Portfolio Management (PPM)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Coralogix U.S. GovOps

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

8

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Unified Talent Management Suite (CUTMS)

Authorizations

20

Reuse

19

Service Model

Impact Level

Status

FedRAMP Authorized

Cornerstone Unified Talent Management Suite (CUTMS) – GovCloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Coupa Spend Management for Federal

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Exiger Federal Cloud (EFC)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Federal Immersive Learning Management System (FED-ILMS)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

The Federal Immersive Learning Management System (FED ILMS) is an Immersive Learning Management System (ILMS) which allows for training to occur in multiple modalities. Includes: - Live Meeting (Webinar Capabilities) - eLearning (SCORM, xAPI, CMI5, etc.) - On-Demand Video content - Documents - Immersive Learning (3D based serious gaming, in multi-player or single player mode) User interactions are tracked for the purposes of determining when the user has met requirements of various courses. In addition, the application has the following features: Accreditation System: Application has a complete accreditation system, which allows for the tracking of certificate requirements for any content in the system and puts the user through a number of requirements in order to achieve certification. This includes pre/post tests, evaluations, confirmation of acceptance, etc. Event Registration System: System has a complete registration system to manage Live Webinar registration as well as course registration. Exhibit Hall Capabilities: Create the ability to create templated “Spaces” or content areas that can be edited by “space editors” which includes a complete capability for the delegation of editing content in the space to the right department or person that manages that space. Spaces create an area where the “exhibitor” can share documents, live chat, provide contact information, display videos, and have “Ad-Hoc” live meetings. Open AI: Application will, through the use of Cognitive Search, index the content in the application tagging it to a particular space, exhibit space, webinar, eLearning course, etc. This indexed content is then integrated with Open AI using the RAG pattern to feed the LLM to have a conversation within the content, which is context based (within a space, related to a course, etc.) Game API: External immersive learning experiences (serious Games) use the Game API to manage the user’s session, which includes the ability to set and get user progress, mark objectives as met, etc. In addition, the Game API allows for the management of VoIP in the case of multi-player games, and also for the real-time communications using Sockets over https for presence management and other real-time multi-player communication needs. Search Capabilities: Application has a comprehensive search feature which allows users to search the system across all content types and one click open the content from the search results, whether this content is a Webinar, an Exhibit Space, a Serious Game, or a Document. Rating and Favorites: System has the ability for the user to rate (providing this is enabled), and mark any content or space in the system as favorite, and this shows up in the user’s favorites as well “My Office” My Office: This is the space within the application where the user sees all of the training they have done, can print certificates, finish any certificate requirements they have not completed on any of the course or content they have consumed, access their favorites, edit their profiles, etc. Social Features: Application has real-time group chat and real-time one-on-one chat available throughout the application for real-time chat scenarios. This is useful within the context of spaces, live webinars, etc. The application also has a simple moderated Forums capability to allow the user to participate in forums which can be scoped to a space, content, or general in nature. CMS: The application has an administrative interface, called the “CMS” which allows the client administrator to manage all aspects of the platform. Access can be granularly assigned to only the features required, through which elevated access can be made available to manage system settings which are sensitive in nature.

CrowdStrike Falcon Platform for Government

Authorizations

34

Reuse

41

Service Model

Impact Level

Status

FedRAMP Authorized

Composite Apps/ CuraPatient

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

CyberArk Identity for Government

Authorizations

3

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

CyberArk Identity is a cloud-based identity and access management solution that unifies many of the essential identity and access management services such as single sign-on (SSO), multi-factor authentication (MFA), and automation of user lifecycle management (LCM) (on-boarding and off-boarding). Using CyberArk Identity, Government Organizations can secure access to all the critical resources (applications, devices, IaaS, PaaS, VPNs etc.) across on-prem, in the cloud or hybrid. CyberArk Identity Standard and Adaptive SSO and Application Gateway - The CyberArk Identity App Catalog comes with thousands of application connections by default, but administrators can use a template to add any application to the catalog that is not already there and set up the authentication method through a variety of mechanisms, such as SAML, OpenID Connect (OIDC), OAuth2, WS-FED, or even username/password. CyberArk Identity App Gateway enables VPN-less access to legacy on-prem applications. It allows companies to set up a per-application, per-user access to individual legacy applications. CyberArk Identity Standard and Adaptive MFA - CyberArk Identity Standard Multi-factor Authentication (MFA) includes methods such as Security Keys, FIDO 2 Passwordless authenticators, Smart Cards, SMS/Email OTPs and Magic Links. These MFA methods are supported for all targets such as Windows Workstations, Servers and Macs, virtual desktops, VPNs, Web Apps, RADIUS Servers, 3rd party IDPs. CyberArk Identity Adaptive MFA allows customers to configure the solutions to consider various static and dynamic contexts such as device, location, network, day, time etc when evaluating access requests and applying authentication policies based on that. CyberArk Identity Standard and Advanced Lifecycle Management Standard Lifecycle Management (LCM) includes pre-integrated application provisioning and deprovisioning, AD sync and licensing for O365, self-service app request and automated approval workflow, app entitlement management, reporting and SIEM integration. Advanced Lifecycle Management includes inbound provisioning from HCM apps such as Workday, SuccessFactors, Bamboo HR, and Ultipro, as well as custom provisioning based on SCIM. CyberArk Identity Cloud Directory and Connector for On-Prem Directory Integrations Customers can also utilize the Identity Cloud Directory or install the Identity Connector inside their firewall to enable communication between their internal repositories (AD or LDAP) and the Identity services. The following customer side components are authorized as part of the CyberArk Identity for Government offering: CyberArk Identity Connector, CyberArk Windows Cloud Agent, CyberArk Mac Cloud Agent, CyberArk Identity Browser Extension, CyberArk Identity Mobile application for iOS.

CyberArk Endpoint Privilege Manager (EPM) for Government

Authorizations

3

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

CyCloud - VMware Cloud Foundation ( VCF )

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Cyware Cyber Fusion Center (CFC)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Cyware Labs, Inc. (Cyware) Cyber Fusion Center (CFC) is an offering of full-stack Cyber security solutions for strategic, tactical, and operational intelligence sharing and threat response automation as well as orchestration services. Cyware Labs, Inc, Cyber Fusion Center (CFC) - Modules are - 1. CFC Threat Intel Exchange (CTIX) includes Threat Intelligence Platform (TIP) 2. CFC Collaborate (CSAP) 3. CFC Respond (CFTR) 4. CFC Orchestrate (CO) CFC Collaborate (CSAP): A mobile-enabled automated alert aggregation, dissemination, and strategic threat intelligence sharing platform for real-time situational awareness and enhanced collaboration between an organization’s security teams. Features include machine-to-machine orchestration, machine-to-human, orchestration, human-to-machine orchestration, role, location, and business alignment-based alerting, Cyware alerts, mobile-enabled intel sharing, macro intel ingestion, and crisis notifications. CFC Threat Intel Exchange (CTIX): A smart, client-server threat intelligence platform (TIP) for ingestion, enrichment, analysis, and bi-directional sharing of threat data within an organization’s trusted network. Features include any-to-any threat feed orchestration, micro threat intel ingestion, a hub & spoke sharing model, enrichment, correlation, and analysis of data, internal intel ingestion, automated intel actioning, and a multi-level intel view. CFC Respond (CFTR): A threat response automation platform that combines cyber fusion, advanced orchestration, and automation to stay ahead of increasingly sophisticated cyber threats affecting organizations in real-time. Features include malware management, a connect-the-dots threat analysis, incident response & management, triage management, threat actor tracking engine, vulnerability management, custom dashboards and reports, and a case management workflow. CFC Orchestrate (CO): A universal, security orchestration gateway for executing on-demand or event-triggered tasks across deployment environments. Features include flexible API, system playbooks, powerful customization, audit playbook extensions, the ability to export and import logic, nested playbooks, and granular access control.

Cyber AI Mission Defense and Email Protection

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

FedRAMP Compliant CloudPlus

Authorizations

2

Reuse

8

Service Model

Impact Level

Status

FedRAMP Authorized

Databricks on AWS US East/West

Authorizations

3

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Databricks on AWS GovCloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Datadog for Government - High

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Datadog for Government

Authorizations

11

Reuse

84

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Decision Lens Software

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Dejero Control and Concentrator

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Evidence Management System (EMS)

Authorizations

10

Reuse

9

Service Model

Impact Level

Status

FedRAMP Authorized

Deloitte GPS OpenCloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Deloitte’s Government and Public Services (GPS) OpenCloud Cloud Managed Platform is an enterprise managed, multi-cloud Platform-as-a-Service (PaaS) that offers government enterprises and customers supporting U.S. government organizations with complex compliance requirements the ability to host their applications on their cloud platform of choice and leverage a range of pre-assessed security controls and operational benefits (e.g., automation, redundancy, auto-remediation) from the platform. The platform provides FedRAMP Moderate Impact Level security services for customers to consume, such as boundary and network protection, operating system and device hardening, vulnerability management, trusted patch repositories, malware detection, auto-remediation for policy enforcement, and 24x7 security information and event management (SIEM). The platform also offers a customer self-service portal in ServiceNow allowing customers to interact with platform engineers, architects and operators and submit general service requests. Additionally, operating system changes are monitored to confirm compliance with pertinent security policies. The platform provides the following additional benefits to our clients: • Accelerates time to complete Agency and FedRAMP ATOs for client workloads by leveraging a FedRAMP compliant security platform • Provides a mature security solution to meet federal security monitoring standards and guidelines (i.e., EO 14028, OMB M-14-03, OMB M-21-31, NIST SP 800-137) • Leverages FedRAMP JAB compliant cloud hosting platforms (i.e., AWS GovCloud, AWS US East/West, and Google Cloud Platform Assured Workloads) The platform includes the following key features: • Identity and access management to include account onboarding, offboarding and auditing • Network management to include secure remote access / VPN management, Network Access Control List / Network Security Group configuration and maintenance, Firewall Management with IDS / IPS and DDOS protection • Operating System support to include provisioning of hardened images, configuration management and provisioning of trusted patch repositories • Security Services to include OS vulnerability scanning, STIG / CIS benchmark scanning, endpoint security and logging / continuous monitoring • Certificate / secrets management for platform resources • Support for Common Access Card (CAC) / Personal Identity Verification (PIV) integration (upon customer request).

Replicon Cloud Platform (Enterprise Time Tracking Platform)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Costpoint GovCon Cloud Moderate (CP GCCM)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

DimensionalView®

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Dexcom Clarity for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Digital.ai Government Cloud

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Diligent One Platform (D1P)

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Diligent’s D1P GRC platform is the only enterprise-grade solution purpose-built to manage the full lifecycle of FedRAMP, DOD/DISA IL and CMMC compliance—from initial SSP development to ongoing POA&M updates, ConMon, and audit readiness. Designed with automation at its core and trusted by federal agencies, integrators, and 3PAOs, Diligent eliminates spreadsheet chaos and empowers teams to focus on actual security—not documentation. Purpose-Built for Complex Cybersecurity Compliance Diligent delivers deep automation and pre-configured workflows for: - FedRAMP (Low, Moderate & High) - DOD / DISA Impact Levels (2, 4, 5) - CMMC (Level 1, 2 and beyond) - NIST 800-53, NIST 800-171, SOC 2, and ISO 27001 and other major compliance frameworks - Support for custom frameworks and policy libraries Core Capabilities - Live SSP and ATO Package Management - Automatically generates and maintains OSCAL and human-readable SSPs. Track versioning, delta changes, and live control status from a single system. - Automated POA&M Generation and Updates - POA&Ms are created directly from scan data, control testing, or manual input. Linked to owners, evidence, due dates, and tracked in real time with alerting. - Continuous Monitoring, ConMon & Risk Insights - Real-time dashboards ingest data from 130+ tools including vulnerability scanners, cloud providers, HR systems, and ticketing platforms. Evidence collection is automatic and centralized for audit readiness. -Control Inheritance and Framework Mapping -Cross-map and inherit controls across frameworks. “Write once, apply many” saves time and ensures consistency for multi-standard organizations. -Multi-Tenant Partner and Reseller Enablement -Native support for MSSPs, C3PAOs, and resellers. Role-based access, tenant-level data separation, and white-labeled deployments available. -API and Integration Ecosystem -With over 130 out-of-box integrations and a robust open API, Diligent connects seamlessly to your stack—cloud, on-prem, or hybrid. Deployment & Security - Hosted on AWS GovCloud with three available options: FedRAMP moderate (primarily SLED), FedRAMP moderate and DOD IL5 (primarily for - Federal and some DOD), and FedRAMP moderate and DOD IL for DOD only (requires DoDIN access). - Built with security-first architecture, supporting unique customer keys, data segregation, and FIPS 140-2 validated encryption. What Sets Diligent Apart - FedRAMP, DOD and CMMC are core, not bolt-ons—we’ve built workflows around these frameworks from the ground up. - Automation beyond templates—real-time evidence ingest, compliance task enforcement, and live control dashboards. - Used by regulators, 3PAOs, integrators, and contractors—proven across the full compliance ecosystem. -Designed to scale—whether you’re managing 1 ATO or 50, Diligent supports your growth.

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

AEON is a powerful business process automation and management Software as a Service (SaaS) developed by Distributed Solutions, Inc. (DSI) that solves complex business process needs across the Government. AEON has been successfully deployed for Program Office Management, Project Budgeting and Planning, Document Generation, Complete Acquisition Lifecycle Management, Contract Writing, Invoice and Deliverable Tracking, Grants and Audit Management, Vendor Engagement, and Collaboration Portals. AEON solutions provide no-code dynamic configurations, rapid implementation, and on-demand customer business process change. AEON's sophisticated modern software design enables seamless version upgrades guaranteed to maintain business process continuity and integration survivability while delivering new features. The AEON SaaS eliminates stovepipes across an enterprise by delivering common data standards, business processing rules, collaboration, and shared integrations; this design facilitates cost-effective scaling of multiple solutions on the same platform. AEON automates and modernizes business offices through the agile implementation of customer best practices, unique policies, Federal regulations (FAR/DFARS), stakeholder collaboration, digital signatures, workflows, evaluations, and other process management needs. Data can be accessed for real-time decision-making, business intelligence, interactive dashboards, and executive reporting. Available as an end-to-end solution, AEON is also capable of assisting customers seeking to improve their business process while maximizing existing investments in technology and human capital. AEON can leverage current customer environments to fill known gaps in legacy business tools and deliver significant process improvements. DSI's AEON software platform is built on the Microsoft stack for industry leading technology, performance, security, and maintenance. DSI partners with Project Hosts to deliver the AEON Solution in a FedRAMP compliant cloud hosted on Microsoft's world-class Azure Government infrastructure.

DLH Infinibyte Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Minsky No-code ML/NLP Knowledge Graphing Platform

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

DNAnexus Platform

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Docebo Learning Platform for Gov (DCBO-GOV)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

DocuSign Federal (eSignature, Gen, Negotiate)

Authorizations

37

Reuse

44

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

3

Reuse

39

Service Model

Impact Level

Status

FedRAMP Authorized

DX Engage Government Platform

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Druva Data Resiliency Cloud

Authorizations

12

Reuse

11

Service Model

Impact Level

Status

FedRAMP Authorized

DTEX InTERCEPT for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

12

Reuse

213

Service Model

Impact Level

Status

FedRAMP Authorized

Dynatrace Platform

Authorizations

11

Reuse

14

Service Model

Impact Level

Status

FedRAMP Authorized

Trimble Unity Construct Government Edition

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Economic Systems Federal Human Resources Navigator

Authorizations

18

Reuse

17

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

eGain Suite is delivered as a SaaS offering using a multi-tenant Government Only cloud computing environment. It is available to federal, state, local, and tribal governments, as well as research institutions, federal contractors, government contractors. The eGain Suite includes the following applications: • eGain Chat is a real-time chat assistance to website visitors. • eGain Cobrowse allows agents to provide real-time assistance to customers. Agent can share and co-navigate HTML and JavaScript content via web browser with a customer to provide support. • eGain CallTrack is a case management solution for the resolution of customer issues with call taking, logging, and tracking capability. • eGain Mail+Social handles large volumes of email, webform, and social inquiries with automated routing, workflows. Letter and fax interactions are also handled in this service, with PDF-based output. • eGain Secure Messaging is a secure email messaging system that authenticates the customer before allowing the viewing of confidential information. • eGain Knowledge+AI is a knowledge management software including AI that provides agents and other users answers from a common knowledge base • eGain SelfService+AI provides self-service experiences that enable customer self-service and enables context-aware escalations to live customer service agents if required by the customer. • eGain Virtual Assistant is a virtual agent providing a way for users to get answers and assistance on an organization’s website. A user chats with the virtual assistant (also called virtual agent or chatbot). The chatbot provides answers to any queries input within the chatbot. • eGain Notify, enables outbound notification messages to customers. • eGain Offers uses browsing behavior and other attributes, to proactively serve a targeted offer to website visitors. • eGain Contact Center Analytics is an analytics tool to measure, manage, interactions within contact centers with customers. • eGain Advisor Desktop is a desktop for contact center agents.

Eightfold Talent Intelligence Platform (TIP)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

6

Reuse

29

Service Model

Impact Level

Status

FedRAMP Authorized

Elekta ProKnow Federal

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Embrava Device Management System (DMS)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Exchange Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Connect and operationalize facilities, assets, and infrastructure securely. Archibus by Eptura connects the built environment to manage assets, facilities, and employees across portfolios while prioritizing security and protection of federal information. Archibus for Government has a robust FedRAMP offering that is centered on Archibus Web Central which organizes facilities and infrastructure management tasks in an intuitive web browser interface. Workplace Services module focuses on employee workspace booking, meeting room booking, and service requests. Archibus Space offers tasks for creating a space inventory -- a listing of the space that a company occupies, its occupiable and non-occupiable areas, how each department is using the occupiable areas, the common areas, and how personnel are assigned to rooms within the inventory. There’s also the capability to internally bill departments for their space usage and build from your current inventory to plan your future space needs. Sustainability & Risk module encompasses business applications that work proactively to forecast and minimize risks to the organization: its staff, its productivity, or its competitive viability. Real Property module helps create an electronic inventory of properties and leases, complete with detailed data on occupancy, leased-out and available area, taxes, regularly occurring required actions, compliance with regulations, costs, and more. Maintenance module helps manage reactive (on demand) maintenance and preventive maintenance by providing tools for scheduling employees and outside contractors, budgeting costs, routing work throughout the system, updating the system with details about completed jobs, and assessing performance and response. The Assets module includes applications that provide different levels of integration between asset management and the suite of Archibus by Eptura applications. Manage assets throughout the lifecycle; optimize the use and disposal of assets. Manage information targeted to the various stakeholders working with assets -- IT, finance, facilities, and department heads. Capital Projects module encompasses business applications that identify problems, identify funding, and plan capital to execute the strategic plan, which includes condition assessments, capital budgeting, individual capital project, and building commissioning.

EY Grants Accelerator

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Esri Managed Cloud Services Advanced Plus

Authorizations

5

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

ArcGIS Online (AGO)

Authorizations

15

Reuse

17

Service Model

Impact Level

Status

FedRAMP Authorized

Critical Event Management Suite

Authorizations

25

Reuse

25

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Everlaw Platform

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Higher-Ed Platform (Alma, Primo, Leganto, Esploro)

Authorizations

10

Reuse

9

Service Model

Impact Level

Status

FedRAMP Authorized

Exterro E-Discovery and Legal Software Platform

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

The Exterro Platform is a single, natively built, fully integrated solution that unifies all of Exterro's E-Discovery and Information Governance products. Further, it includes our integration hub, which connects to the industry's broadest range of 3rd party tools, system applications, and data sources, orchestrating processes across applications and minimizing your cost of ownership. Products within The Exterro Platform: Employee Change Monitor Employee Change Monitor enables you to proactively take steps to mitigate risk associated with the change in any data field stored in your HR information system and shared with the Exterro Platform. For example, when an employee leaves your organization, a task can be issued to take a snapshot of her email box and backup her files, a system notification can be sent to alert Records Management of the change in employment status, and the employee can automatically be released from any active legal holds. File Analysis Exterro File Analysis provides the critical foundation for any Information Governance project by delivering the information you need to achieve your cost and risk reduction efforts. Intuitive and data-rich dashboards in Exterro's File Analysis software display key information about the content stored on your data sources such as network shares and SharePoint servers. Key document properties such as date created, last modified, access rights, metadata, and content type are displayed, providing the critical foundation for all your information governance cost and risk reduction activities. Proactively manage policies that support organizational goals by gaining insight into the content that matters most. Easily identify data that has business or legal value, such as sensitive data (e.g. personally identifiable or health information), files found outside retention guidelines or ESI on legal hold, to make informed business decisions. Data Mapping Build and maintain an up-to-date directory that mirrors your evolving data source inventory with Exterro Data Mapping. Identify important ESI repositories, eliminate irrelevant ones, and meet the most rigorous judicial and compliance standards. Legal Hold Say goodbye to manual, time consuming, and error-prone litigation hold processes with world-class legal hold software. With Exterro Legal Hold, you can: - Manage the entire legal hold process - from notifications, to interviews, to reminders, and more - in one place - Protect and secure data from accidental deletion with the In-Place Preservation module - Integrate with your HR system, and get notified of employee status changes, to mitigate the risk of spoliation and automate other operational processes with the Employee Change Monitor module - Quickly identify critical information from custodian data stored in Microsoft Office 365 prior to collection with the Office 365 Explorer module In-Place Early Case Assessment Perform early case assessment through a broad set of analytic and predictive intelligence capabilities that enable rapid identification of the most important documents in a dataset prior to collection. Uncover crucial documents and communications prior to 26(f) conferences to support your proportionality and strategic arguments. Collection and Processing Perform targeted collections and full e-discovery document review with a "one-click" ability to collect only the relevant files that are identified during ECA. Exterro supports the ability to connect to an ever growing list of 30+ on premises and cloud-based data sources, eliminating the need to send requests to multiple stakeholders to perform collections. Exterro is unique in the market by combining processing with collection and offering documents for review almost immediately after the collection process is started, thus saving you time and money while reducing risk associated with manual handoffs and promotions. In addition, our underlying technology has been built with the future in mind, able to easily and quickly process vast amounts of data without impacting performance for your users. ESI Vault The most architecturally advanced ESI storage available delivers significant cost savings, risk reduction, and powers productivity through cross-matter work product re-use and analytics. Maximize work product re-use via a real-time, fully integrated ESI vault that enables one-click repurposing of data across matters. Gain insight and optimize operations through cross matter analytics. Review Exterro's end-to-end, fully integrated platform ensures the shortest possible time to review from matter inception. Documents can be concurrently collected and processed from multiple data sources and seamlessly moved into review as data becomes available, without delays, handoffs, and complex promotion/staging procedures common in other platforms. Production Choose between Native, PDF, and TIFF production outputs depending on the requirements of your matter. Exterro supports industry-standard loadfiles, including Concordance®, Summation®, EDRM XML, and even custom loadfile. Exterro Production automates the entire production process, including imaging, branding, redaction application and loadfile creation into a single step, eliminating technical intervention and time-consuming handoffs. Legal Project Management Exterro Project Management is the only purpose-built project management system designed specifically to orchestrate the workflows and activities associated with e-discovery and other legal processes. Easily modified user-defined workflows coordinate all relevant tasks and activities, including preservation, collection, processing, review, and production.

ExtraHop RevealX Federal

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

RMA iQ™ is delivered as SaaS offering using a multi-tenant Government Only cloud computing environment. It is available to the DoD, federal, state, local and tribal government communities as well as their respective contractors. Feith RMA iQ is a SaaS platform designed to support federal agencies in managing records efficiently. It helps Records Managers address challenges such as large volumes of records, complex retention schedules, and compliance with federal records regulations. Key Features -Automated Classification and Retention: Employs artificial intelligence to classify records and apply GRS and RCS retention schedules, reducing manual effort and improving accuracy. -Efficient Record Retrieval: Offers advanced search tools to help users locate records quickly, supporting timely responses to internal and external inquiries. -Seamless Integration: Integrates with various agency information systems, including M365, allowing staff to work within familiar platforms and minimizing training requirements. -Security and Compliance: Enforces role-based controls to safeguard CUI and PII, ensuring adherence to federal security standards. Optional Add-Ons -FOIA Workbench: Facilitates compliance with Freedom of Information Act requirements through tools for review, tracking requests, and redacting sensitive information. -Declassification Module: Streamlines declassification workflows, identifies sensitive content, and provides audit trails to maintain compliance. -Case Management: Centralizes case records, supports customizable workflows, and enables secure collaboration. -Document and Workflow Management: Enhances document handling with version control, metadata tagging, content sharing, workflow automation, and analytics. -RMA iQ supports federal agencies in securely and effectively managing records. By automating processes, integrating with existing systems, and offering optional tools for specialized Federal missions, the platform helps improve productivity, ensures compliance with regulations, and strengthens knowledge management across agencies. The system is a browser-based application with an optional client-side component (Feith Sync) that can be installed locally within the agency network to synchronize local file shares.

Figma for Government

Authorizations

2

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

FMS:Employee for Government provides an innovative scheduling solution that delivers new levels of efficiency and productivity for your mobile, virtual, and traditional employees. From conference rooms and video conferencing facilities to shared workspaces and managed services, from small entities to large entities, the way work gets done has changed. FMS:Employee is a cloud-based, scalable platform that solves the most challenging workplace management issues offering cutting edge technology, integrated floorplans, integrated room panel hardware, availability sensors and expertise in implementation and change management. FMS:Employee empowers your workforce to connect and engage in today’s dynamic digital workplace with intuitive scheduling solutions that help organizations support the work-from-anywhere model and enable inspiring workplace experiences. Room, Resource, and Service Management - FMS:Employee is an online, cloud-based scheduling system for desk, room, and resource reservations. - Quickly find and reserve rooms, equipment, and services. - Comprehensive scheduling includes options for recurring, multi-day and multi-resource reservations. - Create reservations and sending meeting invites from the web, Outlook, or your mobile device. - Streamline internal operations with a dynamic service management system that includes inventory control and reporting. Integrated Solutions for Workplace Productivity - FMS:Employee can help you achieve your efficiency and productivity goals by reducing manual processes, improving collaboration, and increasing the productivity of your mobile workforce. - Seamlessly integrate room and resource scheduling with Microsoft Outlook. - Keep teams connected with integrations for WebEx, Crestron Fusion, and Cisco TMS video conferencing and more. - Streamline operations with an integrated visitor management solution that enforces security protocols. - Create a modern, tech-savvy workplace with digital signage, digital room panels, and interactive kiosks. Desk Sharing for Employee Engagement - With FMS:Employee desk management solutions, users can find and reserve shared workspace quickly and easily from the web, a kiosk, Outlook, or their mobile device. Find space by location, workspace type, or proximity to co-workers, visually on an interactive floorplan. - Drive program adoption with an intuitive user interface and mobile scheduling from multiple devices. - Support mobile and virtual workers with integrated tools for easy collaboration. - Leverage available sensor technology to track space utilization and measure program performance. - Visualize trends, analyze usage behavior, and make data-driven decisions about your real estate investment and workplace design.

ONE – Security Service Edge (SSE) – CASB/DLP/SWG/ZTNA/RBI

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

FormAssembly Gov Cloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

General Support System (GSS)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

18

Reuse

17

Service Model

Impact Level

Status

FedRAMP Authorized

Genesys Cloud CX

Authorizations

9

Reuse

8

Service Model

Impact Level

Status

FedRAMP Authorized

Genesys Cloud™ is an AI-powered experience orchestration platform with a full suite of omnichannel contact center capabilities, built-in workforce engagement management (WEM) and artificial intelligence (AI). It is available to the public, federal, state, local, and tribal governments, as well as research institutions, federal contractors and government contractors. Features and capabilities include: All-in-One open platform - Genesys Cloud is a multi-tenant SaaS offering with a comprehensive set of native Contact Center-as-a-Service (CCaaS) product capabilities built on a single platform — running on Amazon Web Services (AWS). Native AI - Genesys Cloud has built-in conversational and predictive AI capabilities. It utilizes technologies such as predictive analytics, machine learning, and natural language understanding to automate, route and personalize interactions. Omnichannel routing - Genesys Cloud supports calls, email, web, text and social messages. A single routing engine leverages a variety of routing algorithms, evaluation and scoring methods to determine the next best action while maintaining context, intent, and desired outcome. Speech-enabled IVR & self-service – Genesys Cloud offers multilingual speech-enabled IVR with natural language understanding (NLU) technology. Automated bot assistants provide continuous support for routine queries. Workforce Engagement Management - A native suite of AI-powered WEM capabilities supports employee onboarding and includes workforce schedule management (WFM), coaching, speech & text analytics, quality management, performance management and gamification. Outbound campaigns – Genesys Cloud supports outbound dialing and digital campaigns for sending proactive notifications or contacting contact lists of people in accordance with programmable rules. Analytics and reporting – Genesys Cloud provides real-time dashboards and analytics for contact center management, with customizable reporting and drill-down capabilities for performance analysis. Integrations - The platform includes a rich set of open APIs, integration methods and an ecosystem of 600+ pre-built solutions and applications available via the AppFoundry® Marketplace.

Geotab Telematics Platform Government (GTP Gov)

Authorizations

2

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

GetWellNetwork - Get Well Anywhere - Federal

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

GitHub Enterprise Cloud

Authorizations

20

Reuse

161

Service Model

Impact Level

Status

FedRAMP Authorized

GitLab Dedicated for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Glassbeam Clinsights

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

GTS VirtualHealth Platform (GTS-VP)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Google Workspace

Authorizations

15

Reuse

475

Service Model

Impact Level

Status

FedRAMP Authorized

Google Services (Google Cloud Platform Products and underlying Infrastructure)

Authorizations

24

Reuse

299

Service Model

Impact Level

Status

FedRAMP Authorized

Google Cloud VMware Engine (GCVE)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Gordian Federal Cloud powered by RSMeans Data

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

13

Reuse

12

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

GovDelivery Communications Cloud

Authorizations

42

Reuse

41

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

HackerOne Continuous Security Testing Platform

Authorizations

3

Reuse

40

Service Model

Impact Level

Status

FedRAMP Authorized

Healthcare Safeware

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Healthcare Safeware® (Safeware®) is an enterprise software solution for healthcare quality and safety improvement. It allows for strategic targeting of quality and safety metrics requiring attention by supporting the workflow for case-based learning. Safeware® captures population-level process and system failures in care delivery by identifying, defining, quantifying, and analyzing events and opportunities for improvement. Safeware® can support multiple different case review workflows within the same healthcare site. Examples include reviews for suicide, inpatient and 30-day mortality, readmissions, falls, various patient safety indicators, etc. Safeware® can also document key portions of the ACGME criteria for Practice-Based Learning and Improvement (PBLI). Safeware® is configurable at the site level with the lowest levels of detail to include the location of care delivery (hospital floor, clinic, or external location), provider specialty, and patient. Safeware® was intentionally designed to support improvements in patient safety culture by not including specific names of frontline care team members involved unless a peer-review case is entered. Case reviews can be entered with or without PHI. Cases may be manually entered, or a CSV file containing unlimited cases can be uploaded. There is no direct connection to the electronic health record to minimize PHI data leakage. To ensure reliable data collection across healthcare systems (government and private sector), Safeware® contains a standardized taxonomy of events. It provides an additional assessment of those events by incorporating the ability to tag them with a translation of the DoD Human Factors Analysis and Classification System (HFACS) to clinical language. Safeware® users can add customized forms for data capture by patient population, outcome, or research project. These forms can be embedded within the case review at any stage within the workflow or sent as a survey form to an external team member to complete, with results auto-populating the respective case review. Safeware® provides analytics for improvement and learning, including visualizations of the results using Pareto diagrams, a statistical process control chart, heatmaps, and other traditional healthcare quality charts. All data entered can be used for visualization or downloaded to be used in other analytic tools.

Privacy Preserving Records Linkage (PPRL)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Recruitment Assessments and Video Interviewing

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Hootsuite Enterprise

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

HP Managed Services for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Huddle Enterprise Cloud Content Collaboration and File Sharing Portal for Government

Authorizations

7

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Federal High Impact Virtualized Environment (FedHIVE)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Hypori Government Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Hypori’s approach to mobile security is analogous to Virtual Desktop Infrastructure (VDI), a term coined by VMware and pioneered by Citrix describing a virtualization technology that hosts a desktop operating system on a centralized server in a data center that is accessed by thin clients on the user’s end point. Hypori Halo creates a Zero Trust architecture to provide secure access to Controlled Unclassified Information (CUI) and customer data and resources. In the Hypori Halo environment, the user’s device effectively becomes a “window” into a virtualized mobile workspace that is Version 1.1 20 Proprietary and Confidential operating in the Amazon GovCloud and delivered via a Software as a Service (SaaS) model. Hypori Halo uses a thin client application to create a virtual image of the user’s unique virtual mobile workspace. The client captures touch and sensor data from the end user physical device and routes it back to the Virtual Workspace through a secure and encrypted TLS tunnel. The Hypori Client has been tested by multiple Red Teams to ensure it meets the most rigorous security posture. It is Common Criteria Certified by the National Information Assurance Partnership (NIAP) for Android, iOS, and Windows platforms. NIAP ensures that all certified products “demonstrate exact compliance to the applicable technology protection profile.” This certification verifies that the “Hypori Client is a thin client that communicates only with a Hypori Virtual Workspace on a Hypori Server and not with other servers or applications.” It validates the cryptographic elements of communication with the Hypori environment, that no data is at rest on the user device and no PII is transmitted or stored on the physical end user device. Additionally, the Hypori Client does not trust the mobile device host. It uses application shielding and cryptographic key protection capabilities to defend against compromised hosts. It also has limited runtime OS attestation checks before it will launch. If it detects tampering of the client components, it will not connect to the environment. The data on the client is limited to the trust key chain. The mutual Transport Layer Security (TLS) tunnel certificate is stored with the operating system (OS) protected key store on the device, but no other data is on the end user mobile device. The backend environment consists of a series of subnets which form a cluster. Each cluster is designed to support numerous virtual workspace instances. To the user, the experience is virtually identical to when the application and data was on the user’s mobile device. Private keys within the Virtual Workspace are protected using the Android keystore in combination with the Cloud Service Provider key protection system. The Private keys are encrypted in accordance with Hypori’s National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 140-2.

IBM Federal ATOM

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

IBM Federal HR Cloud

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

IBM Maximo and TRIRIGA on Cloud for U.S. Federal

Authorizations

13

Reuse

12

Service Model

Impact Level

Status

FedRAMP Authorized

SmartCloud for Government

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

IBM Platform Services for Government

Authorizations

12

Reuse

11

Service Model

Impact Level

Status

FedRAMP Authorized

IBM Cloud for Government

Authorizations

6

Reuse

18

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

iboss Government Cloud Platform (IGCP)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Icertis Contract Intelligence (ICI) for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

ID.me Identity Gateway

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Ideagen Government Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Illumio Government Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Illumio Government Cloud delivers Zero Trust Segmentation, including microsegmentation, across multi-cloud and data center workloads and endpoints for government agencies and departments. This offering includes Illumio Core and Illumio Endpoint. Illumio Core provides Zero Trust Segmentation for cloud and data center workloads. Illumio Core stops ransomware and cyberattacks from spreading by delivering intelligent visibility, radically simple label-based policy creation, and automated segmentation and enforcement. Key features: - Gain real-time visibility into traffic flows, application dependencies, and connectivity across all agent and agentless workloads, including containers, IoT, and virtual machines. - Simplify policy generation and automate enforcement to support Zero Trust initiatives with segmentation in minutes. - Stop the spread of ransomware and contain cyberattacks by preventing lateral movement — regardless of architecture, size, or complexity. Illumio Endpoint extends Zero Trust Segmentation to endpoint devices. Illumio Endpoint is flexible enough to handle dynamic work-from-home settings without impacting endpoint performance. It also prevents unnecessary communication from end-user devices to other endpoints or the data center to further reduce your attack surface. Key features: - Apply dynamic segmentation policies based on context, automatically changing if the device moves from the corporate environment to being on the go or at home. - Prevent the spread of ransomware between endpoints by blocking all but necessary communication among laptops, VDIs and workstations. - Gain complete visibility and control of both endpoints and server workloads in one single map. Illumio Government Cloud is an easy, fast, and proven Zero Trust Segmentation solution that uses a lightweight agent known as the Virtual Enforcement Node (VEN). The VEN is a local component of Illumio Government Cloud and is installed on each workload within a customer’s environment. It provides workload information and enforces policy rules by managing Linux iptables or Windows Filtering Platform (WFP) policies. The VEN is included in the Illumio Government Cloud FedRAMP package.

BloxOne Threat Defense Federal Cloud

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Infor Government Solutions (IGS) Software as a Service

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Infor Government Solutions (IGS) is composed of integrated cloud application suites that align to specific industries such as Public Sector, Aerospace & Defense, Industrial, Automotive, and Healthcare.These cloud suites are web-architected solutions powered by the Infor Operating Service Platform (Infor OS), a modern technology foundation for driving digital transformation. IGS supports workloads for essential business capabilities such as Financial & Supply Management, Manufacturing ERP, and Human Capital Management as well as fully integrated operational capabilities such as Asset & Maintenance Management, Business Intelligence & Analytics. IGS is hosted in an isolated government-only region of AWS GovCloud (US). AWS GovCloud adheres to U.S. International Traffic in Arms Regulations (ITAR), Federal Risk and Authorization Management Program (FedRAMP), Criminal Justice Information Services (CJIS) requirements, and Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) Impact Levels 2, 4, and 5. IGS offerings are categorized using NIST SP 800-53 and the FedRAMP baseline to withstand a Moderate impact level. In addition to IGS' FedRAMP Joint Authorization Board (JAB) authorization, IGS is also compliant for Health Insurance Portability and Accountability Act of 1996 (HIPAA) and NIST SP 800-171, rev 1, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Infor Platform: Infor Operating Service Platform (InforOS) delivers high performance, support for open standards, interoperability, enhanced productivity, responsive design, and mobile access via a wide range of devices. The components of Infor OS work together to unify the user experience (UX) for the following enterprise capabilities, using human-centered design to support the mission. Infor Federated Security (IFS) provides single sign-on (SSO) to provisioned IGS applications and authorizes users for role-based access by synchronizing with customer solutions for multi-factor authentication (MFA). Enterprise Portal is a comprehensive platform for social collaboration, business process improvement and contextual analytics; it provides web portal access and presentation to all IGS applications available to the customer. Homepages provides customers the ability to build custom, dynamic pages or select from Infor-provided widgets. Homepages offers a flexible and highly configurable way to present IGS application information and analytics data to users. Intelligent Open Network (ION)is a configurable integration platform-as-a-service (iPaaS) that provides customers with event-based business process automation and the flexibility to orchestrate end-to-end processes across a complex web of enterprise applications. ION API Gateway provides a secure, scalable API gateway for all API calls and programmatic access to IGS applications with API Discovery Services, Policy Management, and Throttling features. Document Managementenables customers to capture, create, manage and access organization-specific business documents and use contextual intelligence to display documents with relation to their business purpose. Data Lake delivers schema-on-read intelligence, a fast, flexible data consumption framework, and metadata management to provide customers with needed data for making key decisions. Financials & Supply Management:Improve operations throughout your organization with the security, scalability, and flexibility of Infor's financial management solutions. Configurable to suit the unique needs of your industry, Infor's innovative solutions expands data usability, helps meet complex reporting requirements, and eliminates duplicate records and spreadsheets to improve financial performance. CS Financials & Supply Management is an integrated finance and supply management software suite that couples modern General Ledger operations with tools to effectively manage the full source-to-settle process. Establish a single close process across your entire organization and gain real-time visibility into receivables and billing, payables and matching, cash management, lease accounting, asset accounting, and project ledgers. Expense Management comprises a suite of four integrated applications (Expense Reports, Travel Plans, Payment Requests, and Timesheets) that can be used either individually or in any combination to automate expense-related business processes, enforce policy compliance, cut administrative costs, and reduce the risk of accidental errors and intentional fraud. Manufacturing ERP: Infor s manufacturing offerings provide ready-to-run solutions, built specifically to meet the needs of Government, Industrial, Aerospace & Defense, and Automotive companies and organizations. They provide deep, proven capabilities in key areas such as global finance, materials and inventory management, manufacturing production, product lifecycle management, project management, regulatory compliance, and field service management. CS Aerospace & Defense: Infor LN embodies over 25 years of experience and best practices in industrial manufacturing, equipment, automotive, high tech, aerospace and defense, distribution, and service management. Features includes industry-specific purchase and quality management, contract management and flowdown, multisite support, and built-in processes for ETO, MTO, MTS, and repetitive manufacturing. CS Industrial with Mobility: Infor SyteLine provides an end-to-end ERP solution for both discrete and process manufacturers, which includes advanced planning and scheduling, complex product configuration, mixed mode processes, and lean production methods. Factory Track™ is a manufacturing automation solution that supports field service and quality capabilities within Infor manufacturing ERPs and enhances warehousing functions for a paperless shop floor and greater operational efficiency. Warehouse mobility provides real-time barcoding and data collection for inventory operations and traceability. Time tracking provides a comprehensive time and attendance management for labor recording and machine time recording. Infor Supplier Exchange™ is used by automotive manufacturers to publish demand (requirements) and Advance Ship Notices (ASNs) to the Web. The platform provides online collaboration between customers and different types of companies in the manufacturing industry, including logistics service providers, outside processors, purchase parts suppliers, and discrete purchase order suppliers. Features include Global Track and Trace, supplier performance, damaged material notices as supports multiple currencies and multiple languages. Human Capital Management (HCM): Infor HCM provides a powerful set of cloud-based human capital management solutions to replace complex processes, workflows, and systems. Sophisticated, yet intuitive technology, empowers your HR professionals to deliver streamlined workforce processes. Global HR empowers HR departments to unify both data and processes and has the industry's broadest feature set of configurable, simplified, flexible and personalized core HR capabilities. GHR helps manage the person system of record, absence management, time entry, and benefits administration workflows. Cloud-based, mobile-enabled HR software frees your global teams from time-consuming transactional tasks enabling timely, accurate, and insightful data to all of your relevant HR and business applications. Talent Management is an integrated set of applications and performance management software organically built to support your strategic people initiatives by unlocking the potential of your organization's talent. Identify, hire, develop, reward, and retain the best of the best, all using a single, unified user experience. Work Force Management is a comprehensive labor optimization, planning, and time and attendance solution managing employee resource demand, labor performance, and business analytics. WFM addresses all aspects of labor compliance and performance needs with time and attendance, demand-driven scheduling, workforce scheduling, and absence management tools, mitigating potential compliance errors and reducing costs. Payroll is a scalable solution integrating personnel information seamlessly with compensation, benefits, absence, time-entry management, and employee self-services. Infor Payroll reduces administration workload and duplication of effort with a powerful control monitoring system. Update your payroll practices with a reliable and highly secure solution that meets the needs of complex pay job costing components. Asset & Maintenance Management: Hexagon's Enterprise Asset Management (EAM) with Mobility enables everyone involved in asset maintenance and management - owners, inspectors, managers, engineers, field techs, investment strategists - to find out more about the criticality, condition, reliability, and performance of assets, large and small. Based on ISO 55000, asset performance management (APM), asset investment planning (AIP), and GIS capabilities allow organizations to track assets and make data-driven decisions about when to repair, refurbish, retire, or replace. Facilities Management is configured with 14 separate workflows with out-of-the-box functionality. Infor EAM is pre-loaded with American Society of Heating, Refrigerating, and Air-Conditioning Engineers (ASHRAE) standards for equipment classifications, along with standard structures for mechanical, electrical, plumbing, and architectural systems. A two-way integration with OpenCAD Building Information Management (BIM) allows virtual walkthroughs of 3D building models, transforming design, construction, and maintenance capabilities. Maintenance, Repair & Overhaul (MRO) is a configurable solution to manage activities across different types of assets, including Fleets, Equipment, Labs and Utilities. Infor EAM's best-in-class features automatically create and assign work orders for preventive and corrective maintenance, automate purchasing and inventory management, manage inspections, schedule resources, and can leverage IoT and analytics to predict asset failure and support condition-based and reliability-centered maintenance programs. Business Intelligence & Analytics: Infor Burst is a native cloud business intelligence (BI) and data analytics platform for enterprise reporting, dynamic dashboards, and self-service data discovery that helps organizations understand and optimize complex processes in less time than traditional BI solutions. Built with patented data warehouse automation and machine learning technologies, Burst's "networked BI" approach creates a curated semantic data layer that maintains data lineage and connects teams and applications across the enterprise via a trusted network for faster insights and smarter decisions. Democratize data access while still maintaining centralized compliance and governance with new auditing features and granular user access controls. Dynamic Enterprise Performance Management (d/EPM) delivers business and financial performance management applications for Infor ERP solutions that allow organizations to centralize data, build plans tailored to their business, and forecast more accurately. d/EPM is an in-memory analytics platform that provides instant consolidation of data and immediate user feedback. Governance Risk and Compliance (GRC)is a versatile and extensible governance, risk, and compliance software that customers can use to mitigate performance or security risks, minimize inefficiencies, and verify user permissions, while remaining compliant with laws, regulations, and industry standards.

Informatica Intelligent Cloud Services (IICS)

Authorizations

3

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Government agencies need a better, faster, more reliable approach to integrate and deliver timely data and analytics to users and business systems that rely on data. Whether you're delivering analytics, building a data warehouse, migrating a data warehouse to the cloud, or building real-time application processes, you need a high-performance, easy-to-use data integration service that connects to on-premises data sources, cloud applications, and cloud platforms to seamlessly integrate high volumes of data, so that you can get up and running quickly. IICS for FedRAMP IICS is a microservices-based, automated, AI-powered, and cloud-native data management solution. All of the IICS for FedRAMP IICS components and integrated Informatica solutions described below incorporate the CLAIRE artificial intelligence (AI) and machine learning engine, which leverages industry-leading metadata capabilities to accelerate and automate core data management and data governance functions. IICS for FedRAMP IICS includes support for both Cloud Data Integration and Cloud Application Integration: Cloud Data Integration Built on a next-generation, microservices-driven software as a service (SaaS), Informatica Cloud Data Integration enables you to connect to industry-leading applications and data sources across on-premises and the cloud and allows you to integrate the data sources at scale. Optimize the performance of your development teams by employing a codeless UI to build new integrations using drag-and-drop interfaces, making complex integrations simple. Speed up new initiatives with pre-built templates to get teams up and running more quickly, even for very involved scenarios. Cloud Application Integration Informatica Cloud Application Integration (CAI) service offers a single, trusted solution to support any integration pattern, data set, user-type or endpoint to automate business processes, expedite transactions and enable real-time analytics. It is based on a modular, microservices based architecture for agile support of future business requirements. CAI supports multiple new and unique integration patterns, which include on-premises to cloud real-time data integration, real-time/B2B application integration, process orchestration, data synchronization, and more. Users can integrate multi-cloud and hybrid applications, without writing a single line of code. Each of the above services leverage Informatica's Secure Agent that runs all your Cloud Data Integration and Cloud Application Integration workloads inside of the customer’s infrastructure, ensuring the greatest levels of security and performance.

Content Manager Records Management Application (RMA) Cloud Service Offering (CSO)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Innovative Driven Government Cloud (IDGC)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Trust & Wealth Management Solutions

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Intelliworx Cloud Workflow Platform

Authorizations

33

Reuse

32

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Iron Mountain Insight on AWS

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Iron Mountain InSight

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Issio Information System

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

GovDataHosting Cloud Platform

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Itamar Dispatcher Cloud (IDC)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Ivanti Neurons for MDM (Formerly MobileIron)

Authorizations

3

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

MobileIron Government Cloud provides Government agencies with the foundation of the first mobile-centric, zero trust security platform to securely access and protect data across the digital workplace. MobileIron's zero trust approach validates the device, to ensure that only authorized users, devices, apps, and services can access business resources. With MobileIron, Government agencies can secure and manage data on any device across multiple operating systems such as iOS, Android, Windows 10, macOS, Zebra and Oculus. MobileIron technology automatically provisions enterprise settings such as Wi-Fi and VPN, secures corporate email and email attachments, applications and content delivery for both GSE and BYOD programs. With MobileIron, IT departments can deliver the right resources to authorized personnel while protecting sensitive government data, preserving the privacy of end-user data, and maintaining the seamless native device experience. MobileIron Government Cloud has been purpose built to provide a cloud-based, scalable architecture that enables rapid deployment and scales up to millions of users. The MobileIron Unified Endpoint Management (UEM) platform incorporates identity, context, and privacy enforcement to set the appropriate level of access to data and services while allowing IT departments to securely manage their global mobile workforce from a single console. . When user choice and end user experience matters, MobileIron Cloud provides the simplest onboarding and superior on device experience which improves user productivity. MobileIron Government Cloud offering now includes MobileIron Threat Defense (MTD). MTD builds upon MobileIron's mobile-centric, zero trust security framework by providing a single app that continually detects and remediates against known and unknown (zero-day) device, network and app-level threats on Android and iOS devices, with or without cellular or Wi-Fi connectivity. Deployment and activation of MTD on mobile devices is accomplished silently on managed and unmanaged devices in order to drive towards 100 percent user adoption. In addition to protecting federal data from mobile attacks, MTD helps federal agencies to comply with regulatory requirements, reduce total cost of ownership, and drive business innovation with secure mobile devices, apps, and cloud services.

Ivanti Neurons for ITSM (Formerly Service Manager)

Authorizations

1

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Tracers with AMP®

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Juniper Mist Government Cloud uses a combination of artificial intelligence, machine learning, and data science techniques to optimize user experiences and simplify operations across the wireless, wired, and SD-WAN branch and campus environments. Data is ingested from numerous sources, including Juniper Mist Access Points, Switches, Session Smart Routers (SSR), and Firewalls (SRX) for end-to-end insight into user experiences. These devices work in concert with Mist AI to optimize user experiences from client to cloud, including automated event correlation, root cause identification, Self-Driving Network™ operations, network assurance, proactive anomaly detection, and more. Juniper also leverages Mist AI for next-generation customer support. For example, it is the foundational element behind Marvis, the industry’s first AI-driven Virtual Network Assistant, providing extensive insight and guidance to IT staff via a natural language conversational interface. As a result, Mist AI saves operators time and money with faster problem resolution and fewer onsite visits. In addition, users benefit from a network infrastructure that is more predictable, reliable, and measurable. Marvis Virtual Network Assistant is the first virtual network assistant (VNA) purpose-built with Mist AI for enterprise WLANs, LANs, and WANs. It transforms network operations from reactive troubleshooting to proactive remediation through self-driving actions. Juniper Wi-Fi Assurance service is based on machine learning and driven by Mist AI. It replaces manual troubleshooting tasks with automated wireless operations to make Wi-Fi predictable, reliable, and measurable, providing unique visibility into user service levels. Juniper Mist Wired Assurance service brings Mist AI to switching. It sets a new network management standard with AI-driven operations and automation, improving the experiences of devices connected to resources through Juniper EX/QFX Series Ethernet Switches for branch and campus deployments. Juniper Mist WAN Assurance service simplifies operations and improves visibility into end-user experiences while shortening the time to repair wired and wireless devices. Premium Analytics offers network visibility and business intelligence to drive your digital transformation journey.

Juvare Federal Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Kahua Federal Network (KFN)

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Keeper Security Government Cloud Password Manager and Privileged Access Manager

Authorizations

6

Reuse

73

Service Model

Impact Level

Status

FedRAMP Authorized

Keyfactor for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Kiteworks Secure Gov Cloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

The Kiteworks Private Data Network is a FedRAMP Ready service at the High Impact Level that provides data security, governance, and compliance capabilities. The service consists of the following core components and functions: System Components - Virtual private cloud (VPC) environment with dedicated servers for each customer - Encrypted file storage system - Data transfer protocols including SFTP, HTTPS, and SMTP - Authentication and authorization services - Audit logging and monitoring systems - Security scanning and threat detection services Core Functions - File transfer and sharing capabilities via web interface, email, SFTP, MFT, and APIs - Role- and attribute-based access control and user authentication - File encryption at rest and in transit using FIPS 140-3 validated cryptographic modules - Audit logging of all system and user activities - Integration with customer directory services (LDAP/Active Directory, etc., see below) - Multi-factor authentication support - DLP integration - Embedded antivirus Possessionless Editing (SafeEDIT) System Components and Functions - File streaming service for secure remote data access and collaboration - Data rendering system for file type conversion - Audit logging system for data interactions - Versioning system for file changes - Authorization validation service - File integrity verification system - Session management service - Access revocation controls - Activity monitoring system Security Features - Customer-managed encryption keys - Single-tenant deployment providing data isolation between customers - Continuous security monitoring and scanning - File-level role- and attributed-based access controls - Remote device management capabilities - Security event logging and reporting - Integration with customer SIEM systems Compliance Capabilities - Audit log generation and retention - Policy enforcement mechanisms - Compliance reporting tools - Data locality controls - Access tracking and monitoring - Chain of custody documentation Integration Interfaces - REST APIs for system integration and SCIM authentication support - SMTP interface for email services - SFTP/FTPS/CIFS/SMB interfaces for file transfer - LDAP/AD, SAML 2.0, Kerberos, PIV/CAC, time-based one-time password (TOTP) authenticators, SMS, and SFTP certificate connectors for authentication - SIEM integration for security monitoring - DLP and CDR system integrations - The system operates within a defined authorization boundary and undergoes continuous monitoring and regular security assessments in accordance with FedRAMP requirements. To learn more about what Kiteworks can do for government agencies, please visit: https://www.kiteworks.com/solutions/government/

Knightscope Autonomous Security Robot (Knightscope ASR)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

KnowBe4 Platform (KSAT + PhishER)

Authorizations

18

Reuse

19

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

LabArchives for Government (LG)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

SimCapture Cloud Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

24

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Accessibility Management Platform (AMP)

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Lexis+® for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Lookout Security Platform

Authorizations

13

Reuse

14

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

7

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Cloud Contact Center

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

InfraLink, formerly known as Infrastructure Maintenance Management System (IMMS), integrates the cyber-physical systems lifecycle from design through implementation and sustainment, enabling configuration management and providing a systematic approach to planning and continuous improvement across project activities. Rely on InfraLink to support all aspects of critical infrastructure management. Configuration Baselines - Effectively manage system security, planned maintenance, issue management, and systems availability/performance reporting by ensuring the integrity of your system baseline configurations. InfraLink supports customization to each system element. Preventive Maintenance - Ensure critical systems and equipment availability and avoid unplanned outages. Based on the concepts of reliability-centered maintenance, InfraLink provides a foundation for effective scheduling, tracking, and performance management activities. Model data, capture tools, and electronic forms document and validate information in near-real time. Issues Management & Analysis - InfraLink’s flexible and customizable ticketing system allows you to define work categories and workflows that align with program scope and priorities, set service level agreement (SLA) milestones, and capture customized status-specific issue attributes. Comprehensive case details help you better assess system and process performance, conduct effective root cause analysis and ensure individual accountability. Installation Management - InfraLink allows project teams to effectively track complex system implementation workflows, from simple component testing and installation to the integration of complex subsystems and hundreds of components. InfraLink enables effective planning and data integrity, which promote worker safety, accountability, and coordination across job functions. Materials Inventory - Avoid work delays caused by stock shortages and extensive inventory carrying costs through effective inventory management. InfraLink helps you plan replacements based on a reliable configuration baseline, performance history and operational priorities, while streamlining stringent Government and enterprise property reporting requirements. Reporting - Maintain a comprehensive assessment of your systems and team performance. InfraLink provides a range of standard and customizable reports and dashboards that offer critical insights to support ongoing improvements in systems performance and management.

Manhattan Government Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Mark43 Public Safety Platform (PSP)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

RiskRecon Cybersecurity & Privacy - Reporting and Scorecards

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Quality Excellence Gov (Qx Gov)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Mathematica Cloud Support System

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Maximus Intelligent Virtual Assistant (MIVA) (formerly MIA)

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

3

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Maximus Cloud is a FedRAMP Authorized multi-tenant Private and Government Community Hybrid Cloud designed exclusively for use by government customers only. Built to meet government compliance and security requirements, our managed Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) portfolio of solutions are hosted, managed, secured, and monitored to provide the highest scalability, reliability, and availability of mission-critical systems and services. Our FedRAMP Authorized services include: • MAXIMUS Amazon Connect Platform: an enterprise-class omnichannel cloud contact center solution. The Engagement Platform leverages Amazon Connect technology to provide an optimized citizen engagement experience that enables citizens to communicate with your agency across all channels – including voice, email, SMS and web chat. The Amazon Connect Platform also provides key additional modular features such as workforce management, recording and quality management, analytics, AI and a robust reporting framework. • MAXIMUS Genesys Engagement Platform: an enterprise-class omnichannel cloud contact center solution. The Engagement Platform leverages Genesys technology to provide the omnichannel functionality required for an optimized citizen engagement experience that enables citizens to communicate with your agency across all channels – including voice, email, SMS and web chat. The Engagement Platform also provides key additional modular features such as workforce management, recording and quality management, analytics, AI and a robust reporting framework. • Maximus Intelligent Insights: a Software-as-a-Service (SaaS) Total Customer Experience solution powered by SuccessKPI that uses AI and machine learning to provide key insights on customer service experiences over text and audio. The platform uses speech recognition and natural language understanding (NLU) to analyze conversations between customers and agents in real-time. With omni-channel capabilities, SuccessKPI brings together information from every customer point of contact to provide comprehensive datasets for improving the consumer experience. • Maximus RPA: is our Platform-as-a-Service (Paas) solution powered by Automation Anywhere that uses a web-based management system that uses a control room to run automated tasks that combines traditional Robotic Process Automation (RPA) with cognitive elements like Natural Language Processing (NLP), reading unstructured data, and machine learning capabilities. • Maximus Analytics: is our Platform-as-a-Service (PaaS) solution powered by tcg mcube that uses a robust, scalable, and flexible end-to-end AI Platform to ingest, store, and process complex data to across the enterprise. Intuitive and built for speed, Maximus Analytics provides real-time data insights, a low code AI drag-and-drop interface, powerful self-service capabilities, and a modular 360-degree platform embedded with AI/ML frameworks. • Maximus Suicide Prevention Service Powered by MindX Sciences is an easy-to-use tool that can identify individuals at risk for suicidality and provide personalized risk-reduction and life improvement strategies. Based on the Niculescu Convergent Functional Information for Suicidality Scale (CFI-S), the test does not ask about suicidal ideation, making it suitable for non-clinical settings such as large organizations or educational settings. The test's validity and reliability have been validated through published studies in scientific and medical journals. Additionally, clinicians can use the test for a nominal yearly fee to reduce suicide risk in their patient population, with a CPT code for clinical use available. Overall, the SX Prevent test is an innovative approach to suicide prevention that can support individuals at risk and may prove beneficial in various settings.

MCG Applications and Hosting

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

MCG Energy Solutions develops and provides wholesale and retail energy software on a SaaS basis that we host as a CSP in the MCG Private Cloud. Both our Private Cloud infrastructure (IaaS) and our product suite (SaaS) exceed a 99.99% SLA uptime for utilities and other businesses that need a true 24x7x365 system with real-time (active/active) redundancy. MCG’s entire customer solution, including all product offerings and services, has no gaps between our software and the infrastructure it runs on. Our solutions are hardened through and through to mitigate customer risk exposure and minimize required maintenance. The following products are included in the MCG Application suite which can be used individually or together as a complete energy software solution: • Integrated Asset Manager (IAM) - A full-featured, easy-to-use wholesale energy marketing and trading solution integrated with all North American physical bilateral markets and ISOs. IAM’s user-friendly scheduling interface streamlines workflow for managing front-office and back-office operations including trade capture, transmission reservation management, fully integrated native e-Tagging, scheduling, bidding, dispatch, settlement, and reporting for all resources and loads. • Energy Accounting System (EAS) - Tracks and manages time-series data types, visualizes calculations (load, imbalance, contract, etc.), and tracks a meter’s data sources to generate an official profile based on the best available and validated data. EAS supports granular meter input (5-minute, 15-minute, hourly) and tracks multiple data sources for a single meter such as PI, MV90, market, and more. The system’s flexible calculation engine accepts and saves the calculations you require in an Excel-like format. • TransBill - Extends EAS as a complete wholesale power billing and invoicing solution that bills a wide variety of wholesale contracts for both generation and transmission businesses. TransBill assists in performing all components of Open Access Transmission Tariffs (OATTs), Purchase Power Agreements (PPAs), Grandfathered Agreements (Power and Transmission legacy contracts), ISO Transmission Revenue Shadowing, and more. • MCG’s Versify Outage Management System (OMS) - An industry leader for handling the outage process from the initial request, through approval processes, to execution and coordination of activities in the field and with ISO and RTO markets. Versify OMS features the advanced Versify workflow engine that greatly reduces time and expense of adjusting the system to meet changes in markets and your business. • MCG’s Versify Operator Log (OpLog) – A web-based software system that easily logs events, activities, and compliance requirements in a single tool using the same workflow engine as Versify OMS. OpLog simplifies communication between the field and office, and automates manual processes to eliminate errors while improving efficiency and compliance. • MCG’s Versify Workforce – Advances and streamlines safety management with tools for desktop and mobile devices, including Permit to Work (PTW), Job Hazard Analysis (JHA), Job Safety Analysis (JSA), Lockout Tagout (LOTO), and more. Workforce reduces the administrative burden on staff while enhancing compliance and coordination between the field and office. Designed to provide complete visibility across your organization, Workforce ensures the correct safety and compliance measures are taken for the safety of your employees and work environments. • MCG’s Paragon Energy Risk Manager (ERM) - A fully integrated trading, credit, and market risk management solution for complex, multi-commodity energy companies. ERM manages the entire risk management process throughout the transaction life cycle including counterparty onboarding and scoring, trade limits, margining agreements, trade capture, scheduling, Mark-to-Market (MtM), accounting, and credit analysis. Combining state of the art technology with dynamic features, ERM provides a consistent approach to market and credit risk to ensure compliance with credit and market exposure policies and limits. • MCG’s Paragon Credit Risk Manager (CRM) - Combines state of the art technology with a rich feature set for managing credit risk, including counterparty, contract, collateral, exposure management, advanced credit analytics, and credit scoring. CRM is easily configured by users to meet the nuances of each client’s credit risk requirements, and can create custom views and reports that can be saved and shared. Encompasses the entire scope of credit risk management to ensure credit policies are consistently and efficiently followed across your organization. • MCG’s Paragon Gas Scheduling System (GSS) – This extension of Paragon ERM merges operational and commercial data in an easily navigated format that streamlines tasks from processing nominations to generating expected cash flows. GSS simplifies the gas scheduling process by generating invoices and closing statements using transport rates from the pipeline and actualized data. • Hosted Data Services (HDS) – Accessing your data should not interrupt business activities. HDS warehouses and archives data from all MCG products into a single platform with full search, filter, report, and display building capability. It includes a programmatic API for performing queries directly against the HDS database, eliminating production impacts from long running queries while integrating to downstream systems without impacting the operational system in use. • Control Area Scheduling (CAS) – A fully featured interchange and transmission scheduling system integrating MCG e-Tag and OASIS interfaces to automatically create, categorize, and track interchange and transmission schedules for reliability entities. • MCG’s Innotap Data Suite (IDS) – When you need timely, clean, and accurate data from markets for your decision making, IDS (direct or through API feed) is the solution for your business. IDS organizes and displays data for wholesale energy transactions from a wide array of sources, with modules for a variety of ISOs and RTOs to aid and report on the decision making process.

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Mindful by Medallia

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Medallia GovCloud

Authorizations

10

Reuse

10

Service Model

Impact Level

Status

FedRAMP Authorized

The Medallia Experience Cloud (MEC), leads the market in the understanding and management of experience for agencies, public sector employees, and citizens. Medallia captures experience signals created on daily journeys in-person, traditional surveys, on calls, digital channels, over video and social media, and IoT interactions. Once net new data is captured or by leveraging legacy data previously collected by customers, Medallia applies proprietary AI technology on data that is structured and unstructured (text and comments) to reveal personalized and predictive insights that can drive action towards positive business / organizational results and outcomes. Using the Medallia Experience Cloud, government agencies can reduce employee churn, increase citizen and employee Trust and Equity, achieve in-the-moment service recovery, and drive data-driven business decisions while providing clear and potent returns on investment. The Medallia Experience Cloud can support agency mission, focus, and objectives by: - Engaging Citizens and Employees Intuitively in a secure, meaningful, continuous way to increase feedback response rate and help the agency better understand their sentiment, value, and behavior. - Empowering the Agency and Activating every Employee by driving feedback and actionable insights to every agency employee. - Taking Action in Real-Time with analysis and alerts that identify focus areas and help resolve issues quickly. - Optimizing Government Experience by empowering agencies to align with mandates related to A-11, Trust, and Equity - Removing Silos by tracking customer journeys that span across engagement channels including email, mobile, websites, chat, phone, video, and contact centers - Maintaining Trust and Security with a platform that is FEDRAMP High certified with the JAB as well as HIPAA compliant allowing us to engage with sensitive PII. - Integrating at scale by leveraging connectors for platforms such as Salesforce and ServiceNow and supported by a robust suite of Restful API

MediaLab Federal

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Melissa GovCloud Address Suite

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Cloud Security Platform powered by Isolation Core

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Menlo Security is the pioneer of browser security and stops evasive threats such as phishing and ransomware, delivering on the promise of cloud-based security and enabling zero trust application access. The Menlo Secure Enterprise Browser solution prevents attacks while being invisible to end users who can use their preferred web browser, enhancing productivity. Deploy browser security policies in a single click, securing internet access and protecting organizational data down to the last mile. Menlo Secure Enterprise Browser Solution Instantiated for each browser session, the Menlo Secure Cloud Browser secures access to the web, preventing malware, ransomware, and unauthorized access and ensures that data security policies are enforced to prevent malicious or unintentional data theft with multiple Data Loss Prevention (DLP) features. Defending against highly evasive adaptive threats (HEAT), Menlo leverages machine learning and AI-based URL analysis to identify and block the most sophisticated phishing sites. Menlo remote browser isolation (RBI) offers significant performance enhancements in comparison to all other RBI offerings with patented Adaptive Clientless Rendering (ACR). ACR enables web page rendering, including interactive animations such as scrolling, to be performed on the endpoint browser using optimized desktop hardware and browser software, while the full browser feature set—including copy-paste, find in page, and printing—is maintained. The administrative policy defines whether any site is isolated. Isolation may be managed with traditional categories which should be familiar and easy to use by administrators of Secure Web Gateways (SWG). Unlike a SWG, however, Menlo enables isolation by threat types and/or vulnerable web services. Mitigating the security blindspot posted by mandated transport level encryption (TLS), Menlo Browsing Forensics offers policy-based capture of browsing sessions. Captures are stored in customer data stores, not accessible to Menlo Security. The Browsing Forensics Viewer enables the Security Operations Center (SOC), incident response, and even security awareness training teams to review users’ sessions including clicks, scrolls and text inputs. Policy controls manage whether password entries are retained, whether a user is notified of recording and screen capture rates. Files and archives are delivered with browser protocols. The Menlo Secure Cloud Browser includes comprehensive file and archive inspection. Archives are opened, and each file is subject to hash checks and anti-virus examinations. The safe content of both clean and infected files can be presented as a safe PDF to the user. Policy governs whether any original file or archive may be downloaded from the Secure Cloud Browser. File security checks can be selectively bypassed. Traffic steering to the Menlo Cloud supports proxy chaining from, for example, existing SWG or Cloud Access Security Brokers (CASB), as well as PAC file deployment or firewall redirecting. Menlo Browser Security is fully compatible with Secure Access Service Edge (SASE) and Security Service Edge (SSE) deployments. Common use cases for Menlo Browser Security include: comprehensive zero-hour phishing prevention, ransomware prevention, administrative governance of Generative AI, and comprehensive governance of SaaS using workflows similar to CASB, but including SaaS property isolation and comprehensive file upload and download controls applicable on a per-application basis.

Constellation GovCloud (CGC)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

ITMX Platform featuring Service & Asset Management, Universal Discovery, CMDB and Project & Portfolio Management

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Azure Government (includes Dynamics 365)

Authorizations

68

Reuse

372

Service Model

Impact Level

Status

FedRAMP Authorized

Office 365 Multi-Tenant & Supporting Services

Authorizations

95

Reuse

356

Service Model

Impact Level

Status

FedRAMP Authorized

Azure Commercial Cloud

Authorizations

80

Reuse

515

Service Model

Impact Level

Status

FedRAMP Authorized

Microsoft Office 365 GCC High

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

MicroStrategy Cloud for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

MicroStrategy is the world’s top-rated platform for enterprise analytics. The MicroStrategy Intelligence Platform offers a full range of trusted, modern BI experiences, and is designed to help departments and agencies build data-driven cultures and make faster, smarter decisions. Built for performance at scale, MicroStrategy delivers concrete answers to users where and when they’re needed. Foundationally, the platform offers out-of-the-box drivers and gateways for a variety of data sources, types, and formats, and APIs/SDKs which are hosted within the MicroStrategy Platform Deployed within Customer Tenant. Using the platform’s proprietary enterprise semantic graph, agencies can establish a unified, governed, secure, and reusable data model on which a variety of intelligence solutions can be built to deliver accurate, personalized, and trusted information to individual users based on each agency’s enterprise data dictionary. The MicroStrategy Cloud for Government is a fully managed enterprise analytics solution that offers all the market-leading capabilities of the MicroStrategy Intelligence Platform on a unique Amazon Web Services (AWS) GovCloud implementation. MicroStrategy Cloud for Government features a fully optimized reference architecture built specifically for deployment in a customer-licensed AWS environment, offered as a software-as-a-service (SaaS) solution. MicroStrategy administers each unique MicroStrategy Cloud for Government environment on the behalf of each government department or agency, including steady state operations, routine application of software upgrades, robust system monitoring and alerting, and 24/7/365 technical support for priority issues. The components that directly support the MicroStrategy Cloud for Government cloud service offering are described in the subsections below. MicroStrategy Cloud for Government is a SaaS service built on top of AWS GovCloud (US) IaaS servers. MicroStrategy utilizes AWS GovCloud (US) to provide the resources that host the MicroStrategy Cloud for Government platform and leverages the experience and resources of AWS to scale quickly and securely as necessary to meet current and future demand. MicroStrategy is responsible for designing and configuring the MicroStrategy Cloud for Government architecture within AWS GovCloud (US) to ensure that the availability, security, and resiliency requirements are met.

GovPoint Cloud Services

Authorizations

8

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

GovPoint Cloud Services (GCS) offers a variety of cloud solutions, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), custom and private clouds, and 'bring your own hardware' options. This allows for tailored cloud setups to meet specific needs. GovPoint operates from its geographically dispersed data facilities, which are maintained by MIS Sciences, without relying on other providers. All compute instances feature high-performance processors and ultra-fast flash storage with 40 Gbps connectivity, ensuring exceptional speed and efficiency. Overview of Services • Authorization as a Service If you have an application that needs to be FedRAMP authorized, MIS can include it in our suite of FedRAMP authorized SaaS offerings. This will enable your SaaS application to utilize the MIS FedRAMP authorization, allowing you to provide a FedRAMP authorized product to your customers. • Compute (IaaS) With GovPoint Compute (GPC), you balance processors, RAM, and disk to meet the requirements for any cloud application. GPC uses a blend of high-I/O flash disks and Storage. Users can choose between pre-configured and hardened images or customize processors, disk space, and RAM to meet particular needs. • Private FedRAMP Cloud If your requirements call for isolation or dedicated resources, the Private FedRAMP Cloud is your solution. With the Private Cloud, you have complete control over all resources, including firewalls, networking, computing, and Storage. Your private cloud is isolated from all other tenants and users and is part of the GovPoint FedRAMP Infrastructure. • Bring Your Own Hardware Customers can bring their own hardware to operate within the FedRAMP Authorization boundary. This allows them to utilize the GCS controls to meet compliance requirements for specialized hardware, equipment, or appliances. • Sayari (SaaS) Sayari is a trusted supply chain and counterparty risk intelligence provider for government agencies, multinational corporations, and financial institutions. Our platforms integrate corporate ownership, supply chain, trade transactions, and risk data from over 250 jurisdictions, ensuring you can trust the quality of our intelligence. • Calabrio Workforce Engagement Management (SaaS) Calabrio Workforce Engagement Management offers a digital foundation for customer-centric contact centers. This suite improves agent performance and workforce efficiency by combining workforce optimization, agent engagement, and business intelligence in the cloud, leading to better customer experiences. • Sharetru Federal (SaaS) Sharetru Federal is a leading provider of secure file sharing and Managed File Transfer as a Service (MFTaaS). It allows organizations to exchange critical data securely while ensuring compliance with strict regulations such as CMMC, NIST SP 800-171, ITAR, HIPAA, PCI-DSS, and FedRAMP (NIST SP 800-53 Rev. 5). With file transfer protocols including HTTPS, SFTP, and FTPS, Sharetru Federal supports fully automated as well as ad-hoc file transfers. Explicitly designed for industries requiring high data protection standards, Sharetru Federal serves sectors including Defense, Healthcare, Financial Services, and Aerospace. • eAlert Notification Service (SaaS) eAlert is a cloud-based, high-speed, high-volume email and SMS sending service designed to send notifications and transactional messages. It is a reliable, cost-effective service for businesses of all sizes that use email and SMS to keep in contact with their customers. Use the GCS eAlert APIs to integrate eAlert directly into your existing applications. You can also integrate the email sending capabilities of GCS eAlert into the Software you already use, such as ticketing systems and email clients.

mLINQS Hosting Service

Authorizations

9

Reuse

8

Service Model

Impact Level

Status

FedRAMP Authorized

MongoDB Atlas for Government

Authorizations

5

Reuse

18

Service Model

Impact Level

Status

FedRAMP Authorized

Monster Hiring Management Enterprise (MHME)

Authorizations

17

Reuse

16

Service Model

Impact Level

Status

FedRAMP Authorized

Motorola Solutions Federal Cloud (MSFC)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Moveworks GovCloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Moveworks is a comprehensive, technology-agnostic Agentic Artificial Intelligence (AI) platform for automating workforce support. The Moveworks Agentic AI Assistant manifests as a standalone search engine, web bot, or collaboration tool native chatbot to drive business process optimization (BPO) by enabling employees to find information, automate tasks, and enhance productivity via workflow automation, cost reduction, and digital transformation at scale across all business systems (ITSM, HRIS, ERP, CRM, and others). Powered by machine learning (ML), a fleet of public and proprietary LLMs, and a pioneering Agentic Reasoning Engine that allows it to handle complex requests across multiple domains (IT, HR, Finance, Facilities, Engineering, Operations, and others), Moveworks helps organizations to achieve Lean Six Sigma levels of operational efficiency while maintaining regulatory compliance and optimizing resource allocation. It streamlines strategic sourcing, financial modeling, and expense reduction, thus ensuring maximum ROI (Return on Investment) and total cost of ownership (TCO) optimization. It also comes with robust stakeholder tools allowing for strong governance, rich analytics, and continuous service improvement. With an intuitive, zero-trust architecture (ZTA), the Moveworks platform seamlessly integrates with existing technology ecosystems to deliver value out of the box, allowing organizations to modernize operations through cloud optimization and IT modernization. And while Moveworks has over 150 native integrations, the platform also has a developer interface that makes it easy for builders to extend the power of the Agentic AI Assistant to every bespoke business system by creating custom AI agents at speed and at scale. For public sector innovation and government modernization, the Moveworks platform enhances agile governance by implementing and tracking key performance indicators (KPIs) to ensure accountability. It enables process mining to uncover inefficiencies, supports continuous improvement (CI) methodologies, and delivers real-time insights for data-driven decision-making.

Movius MultiLine and Movius Decentralized Distributed Secure Communications

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

iSite Contract Management Portal

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

MuleSoft Government Cloud

Authorizations

21

Reuse

74

Service Model

Impact Level

Status

FedRAMP Authorized

Vendor Event & Business Matchmaking Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Building on 70+ years of physician matching, the NRMP partners with U.S. government agencies to offer simple, equitable, and effective solutions for matching applicants to posts, stations, and government offices around the globe to effectively address recruitment and selection needs and drive outcomes for success. Using our software-as-a-service application called iMatch, administrators can invite participants to take part in a “match” where we leverage our proprietary mathematical matching algorithm to prioritize the selection preferences of participants, placing them in the most preferred positions possible on their rank lists. Participants have access to real time Match information and obtain their Match results in the iMatch system. Additional Match Outcome Reports can inform workforce trends and guide growth and development. NRMP’s iMatch system and matching services simplify selection processes, reduce bias, and encourage stable outcomes based on the principles of market design and the following pillars : **Accuracy:** NRMP’s proprietary mathematical matching algorithm places participants based on preferences and creates the best possible outcome. Research on the algorithm was the basis for awarding the 2012 Nobel Prize in Economic Sciences. **Reliability:** NRMP creates a Match schedule to ensure on-time delivery of services with well published and communicated deadlines throughout the matching process. Our iMatch technology is state-of-the-art, highly secure, and confidential allowing Match participants to create their location selection preferences with piece-of-mind. **Integrity:** NRMP Matches foster a spirit of fairness because our services and matching processes are transparent, and all Match participants must adhere to the same rules and deadlines. Accepts and electronically verifies Personal Identity Verification (PIV) credentials Ranking information submitted by a Match participant is visible only to individuals connected with the Match Provides a standardized process based on 70 years of matching expertise Match outcome reports and statistics displayed at the conclusion of each matchFIPS 199 System Categorization - Moderate Service Model - SaaS Deployment Model - Community Cloud Stack / Leveraged Systems - AWS GovCloud A system customizable to each Match sponsor’s particular process: * Specific data fields displayed during participant registration * Branding with Agency logo alongside iMatch logo * Roles and responsibilities of users can be granted or removed specific to their job duties * Multi-tiered levels of access * Email reminders and confirmations with content relevant and detailed to each Match and Agency

NCR Government Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

NetDocuments Document Management System (DMS)

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Netskope GovCloud

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Netskope GovCloud, a FedRAMP High authorized zero-trust security platform, empowers federal agencies by delivering extensive access to web and cloud applications, implementing the granularity and precision necessary for enforcing zero-trust initiatives. The Netskope GovCloud services platform inspects network traffic to thwart cyber attacks, encompassing both malware and phishing, and integrates advanced security controls to prevent unauthorized data movements. The protective measures are seamlessly instantiated through GovCloud offerings, utilizing a Security Service Edge architecture that significantly simplifies functionality delivery and streamlines operations. Netskope GovCloud stands as the world's largest most performant private Security Service Edge (SSE), furnishing the US Government (USG) with swift and secure network access and serving as an adaptive, risk-based security policy enforcement point (PEP). Netskope GovCloud facilitates federal agencies in extending access to all applications, allowing for the orchestration and adoption of a zero-trust architecture aligned with the objectives outlined in Executive Order 14028, aimed at enhancing the nation's cybersecurity posture. Netskope GovCloud complies with DHS CISA's guidance and EO 14028, providing integration capabilities for all CISA Zero Trust pillars, NIST 800-207, and addressing advanced Department of Defense (DoD) Zero Trust use cases. Recognized as the leader in the Gartner Magic Quadrant for Security Service Edge, Netskope GovCloud is delivered as a Software as a Service (SaaS) from a unified platform, offering versatile SSE capabilities and flexible deployment patterns including: - Application and user activity risk monitoring with User and entity behavior analytics - SSL decryption with decoders for ANY routable web application - Cloud Access Security Broker – API and Active inline - Threat / Malware protection supporting signatures, AI/ML models, static and dynamic analysis - Data Loss Prevention with rules engine and AI/ML based text and image classifiers - Compromised Credential notification, HVA risk reporting and real-time user coaching - File and object quarantine, Forensics, file movement monitoring and legal hold - Open API for workflow orchestration, log exchange, bi-directional risk exchange and threat exchange - Dedicated Egress IP assuring established whitelist continuity

Netskope OneCloud Government

Authorizations

1

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

5

Reuse

162

Service Model

Impact Level

Status

FedRAMP Authorized

NICE CXone Customer Experience Platform

Authorizations

13

Reuse

14

Service Model

Impact Level

Status

FedRAMP Authorized

NinjaOne for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Nintex Drawloop DocGen

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Nintex Automation Cloud for Government (NAC-G)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

RunCyberAssurance

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Nucleus for Government (NucleusGov)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

WorldShare Management Services

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Odaseva GovCloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Okta IDaaS Government High Cloud (GHC)

Authorizations

8

Reuse

26

Service Model

Impact Level

Status

FedRAMP Authorized

Okta for Government High service offering provides centralized identity and access management capabilities to customers who want to manage access across any application or device, whether they are on-premises in the customer’s office/data center or in the cloud. The Okta IDaaS platform is the primary application platform provided to customers. The IDaaS application provides several important features/capabilities, which are listed below. - Universal Directory: Okta Universal Directory provides a single view across all these groups with AD and LDAP directory integrations and out-of-the-box connections with HR systems, CSV files, and third-party IdPs. Integration with Applications: Okta comes with pre-integrated applications that customers can select to allow their users to access them through the Okta Integration Network, either in their enterprise or in a cloud - Okta API Integration: Customers can also integrate their own applications with Okta API - Okta Sign-In Widget (SIW): SIW is the out of the box end user experience that our customers can deploy in an Okta hosted environment. SIW provides configurable user registration, sign in and recovery experience. - Okta Software Development Kit (SDKs): SDKs allow customers to build their own identity experience using Okta as a back end. - Okta Customer Organization Logging: Okta’s prebuilt monitoring, logging, and reporting tools make it easy to analyze security posture, user access events, lifecycle management transitions, security risks and other identity-related data. - Okta Admin Dashboard: Okta’s Admin Dashboard provides central administration and provisioning of users and the applications they can access. - Adaptive Multi-Factor Authentication (aMFA): Adaptive MFA provides an additional layer of security for access control, which gives Okta customers the ability to create contextual access policies that assess risk factors such as device, network, location, travel, IP, and other context at each step of the authentication process. Single Sign-On (SSO): Okta SSO creates a seamless user experience by providing single sign-on to all the web and mobile applications users need to access. - Okta Verify: Okta Verify is Okta’s native desktop and mobile application that can be used for mobile client-based MFA authentication. Okta Verify supports the following authentication mechanisms against a customers’ organization: Time-based One-time Password (TOTP), Okta Push Challenge-Response, and Okta FastPass (signed once challenge) - Okta FastPass - NIST 800-63B AAL2/AAL3 authenticator

Okta IDaaS Regulated Cloud

Authorizations

38

Reuse

604

Service Model

Impact Level

Status

FedRAMP Authorized

OneSpan Sign, E-Signature and Digital Signature Service

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

OneStream Cloud - High

Authorizations

16

Reuse

15

Service Model

Impact Level

Status

FedRAMP Authorized

OnSolve Platform for Critical Event Management

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Onspring GovCloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Ontario Cloud Federal (OCF)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

OpenText Cloud for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

OpenText™ Core Application Security (Fortify On Demand)

Authorizations

9

Reuse

9

Service Model

Impact Level

Status

FedRAMP Authorized

OpenWater Awards

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Oracle Enterprise Performance Management (EPM)

Authorizations

9

Reuse

8

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Oracle Service Cloud (OSvC)

Authorizations

8

Reuse

10

Service Model

Impact Level

Status

FedRAMP Authorized

Federal Managed Cloud Services

Authorizations

9

Reuse

8

Service Model

Impact Level

Status

FedRAMP Authorized

Oracle Guided Learning (OGL)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Government Cloud - Common Controls

Authorizations

5

Reuse

30

Service Model

Impact Level

Status

FedRAMP Authorized

Oracle Cloud Infrastructure-Government Cloud

Authorizations

15

Reuse

39

Service Model

Impact Level

Status

FedRAMP Authorized

Taleo Cloud - U.S. Government Cloud

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Aconex for Defense

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

OrbusInfinity Federal

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Orca Cloud Security Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Own Government Cloud

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

PagerDuty Operations Cloud

Authorizations

1

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Palantir Federal Cloud Service – Supporting Services (PFCS-SS)

Authorizations

2

Reuse

10

Service Model

Impact Level

Status

FedRAMP Authorized

The PFCS-SS is a dedicated environment for the purpose of delivering best-of-breed commercial software to federal government customers as a secure cloud service at the FedRAMP High baseline. The software deployed to PFCS-SS is commercially available software configured to run on PFCS’ Kubernetes infrastructure and leverage PFCS’ management plane services. This includes: Grafana Federal Cloud - A fully managed, highly scalable observability platform, powered by Grafana Mimir for Prometheus metrics, Grafana Loki for logs, Grafana Tempo for traces, and Grafana, the de facto standard for data visualization. SpecterOps BloodHound Enterprise - See your organization from the attacker’s view, BloodHound Enterprise is an Attack Path Management solution that continuously maps and quantifies identity Attack Paths in Active Directory and Azure. Rizkly - a compliance program management platform that automates documentation, control evidence, monitoring, SSP, OSCAL and audit success so organizations can achieve and sustain FedRAMP, 800-53 and CMMC compliance with confidence. Manifest Cyber - provides software supply chain security, generating and ingesting SBOMs and AIBOMs, monitoring vulnerability databases like NVD and OSV, contextualizing with EPSS and KEV exploitability databases, supporting compliance with regulations such as Executive Order 14028 and the EU's Cyber Resilience Act, and aiding in copyleft-licensed software identification and third-party risk management. Hyperscience Hypercell - an AI platform with a proprietary model-based architecture that reads and understands all forms of content with 99% accuracy and 98.5% automation, scaling across the enterprise while ensuring auditability, governance, and security using private enterprise data. TRM Labs - provides blockchain intelligence to combat crypto-facilitated crime and support agency compliance, enabling investigation, monitoring, and detection of fraud by tracing cryptocurrency transactions across 30 blockchains and over 70 million digital assets in a unified graph. Windsurf - provides a suite of AI coding tools to accelerate developer productivity, including the Windsurf Plugins for popular IDEs like VSCode, JetBrains IDEs, and Eclipse as well as its own A-native IDE, the Windsurf Editor. Windsurf leverages state-of-the-art AI models and advanced context-awareness capabilities to deliver tools like fast autocomplete, codebase-aware Chat, and agentic coding capabilities. Enterprise developer teams rely on Windsurf to increase developer velocity, reduce onboarding times, and reduce tech debt. Windsurf was previously known as Codeium.

Palantir Federal Cloud Service – Moderate

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Palantir Federal Cloud Service - High

Authorizations

9

Reuse

16

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Strata: ● Prisma Access - a Secure Access Service Edge (SASE) that provides scalable, cloud-delivered networking and security to branch offices and remote users. With Prisma Access, agencies are able to rapidly enable consistent, secure connectivity for remote locations and employees. ● Prisma SD-WAN - a product that provides deep application visibility, with Layer 7 intelligence for network policy creation and traffic engineering. It automates operations and problem avoidance using machine learning and data science methodologies. Prisma SD-WAN enables branch services such as networking and security to be delivered from the cloud, simplifying WAN management. ● Cloud Manager for Prisma Access - a cloud delivered solution used by customers to manage Prisma Access from Palo Alto Networks’ Hub. Fawkes allows customers to quickly onboard branches and mobile users through an intuitive and function oriented user experience. Fawkes also provides configuration management of Prisma Access’ security policies. ● Cortex Data Lake (CDL) - collects, normalizes, and integrates data from Palo Alto Networks products with public cloud scale. ● WildFire - an analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis and innovative machine learning techniques to detect and prevent even the most evasive threats. It is a subscription service that works with the Palo Alto Networks Next Generation Firewalls (including VM-Series and CN-Series), Prisma Access, Prisma Cloud, Cortex XSIAM, and Cortex XDR. ● SaaS Security (Inline, SSPM) - is an integrated CASB (Cloud Access Security Broker) solution that helps Security teams meet the challenges of protecting the growing availability of sanctioned and unsanctioned SaaS applications and maintaining compliance consistently in the cloud while stopping threats to sensitive information, users and resources. SaaS Security Inline helps discover and manage risks posed by unsanctioned SaaS applications while SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured security settings in sanctioned SaaS applications through continuous monitoring. ● Inline DLP - serves as a data security service integrated with various Palo Alto Networks services (called channels) such as SaaS Security, Prisma Access, Prisma Cloud, and the Next Generation Firewall platform to provide data security at these various enforcement points. These channels send files to the DLP service via APIs, where DLP will scan the file, perform analysis to detect sensitive data in violation of customer policies in the file, and return this verdict and other data back to the channel. The channel then uses this information to take remedial action in order to protect sensitive data. ● ACE - a generic platform that enables the firewall or Panorama to download App-IDs from the cloud for applications that do not have specific predefined App-IDs from the Palo Alto Networks content releases. ● CIE - Identity-based security controls are a foundational requirement to achieve Zero Trust. Palo Alto Networks Cloud Identity Engine is an entirely new cloud-based architecture for identity-based security that can consistently authenticate and authorize your users, regardless of location and where user identity stores live - on-premises, in the cloud, or hybrid. As a result, security teams can effortlessly allow all users access to applications and data everywhere and quickly move toward a Zero Trust security posture. ● MSP for Prisma SASE - a set of two services (pa-passthru-api-service and pa-custom-api-service) that provide APIs to support the following functionality: Aggregate application, application usage, threats and URL metrics across tenants in a tenant hierarchy Constrain the list of tenants being aggregated to the list of tenants that are authorized for the user in question ● App Services (Hub, API Gateway, Visualization & Reporting, Prisma Access Insights) ○ API Gateway supports unified access to the open APIs of PANW SASE applications. Currently, API Gateway is used by Cloud Management Prisma Access, SD-WAN, Cortex Data Lake (CDL), and Prisma Access Insights customers. Working in conjunction with PANW Global IdP (Identity Provider), which provides authentication services, API Gateway provides authorization services for RESTful API and routing those APIs to multiple applications and regions. ○ Prisma Access Insights is a comprehensive platform for global visibility and monitoring for the Prisma Access service. It continuously monitors the health and performance of your Prisma Access environment with Insights in the Prisma Access app. ○ Visualization & Reporting is the security visualization and reporting product for network security use cases. It provides dashboards to end users to monitor and understand the security of their networks and how different security subscriptions from Palo Alto Networks are performing. Cortex: ● Cortex XDR - a cloud-based service providing a prevention, detection and response platform that integrates network, endpoint, and cloud data to stop sophisticated attacks. Cortex XDR leverages logs, alerts, and information from Palo Alto Networks and third-party security products. It also enforces security policies on endpoints, preventing malware and data loss. Cortex XDR correlates security alerts and network logs with the endpoint processes that generated the alerts, allowing customers to investigate security alerts, as well as search for and remotely respond to threats. ● Cortex Xpanse - an active attack surface management solution that helps your organization discover, understand and respond to unknown risks in all internet-connected systems and services. Xpanse scans the entire internet automatically and continuously, discovering and indexing previously unknown risks, using supervised ML models to continuously map your attack surface and prioritize remediation efforts, while reducing MTTR with the help of built-in automated playbooks. ● Cortex XSIAM - a cloud-delivered, integrated SOC platform that unifies key functions, including EDR, XDR, SOAR, ASM, UEBA, TIP, and SIEM, consolidating multiple products into a single, integrated platform. XSIAM delivers an intelligent data foundation by integrating telemetry from any source, providing unified security operations across any hybrid IT architecture. ● Cortex XSOAR - a comprehensive security orchestration, automation, and response (SOAR) platform that unifies case management, automation, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle. ● Cortex Cloud - a unified security platform that enhances application security, cloud posture management and runtime protection. It integrates AppSec, identity, data, cloud infrastructure, and workload security while providing a code-to-cloud-to-runtime-to-SOC approach. With a strong shift-left strategy, it enables proactive remediation using both in-house and third-party tools. The Cloud Detection and Response (CDR) capabilities leverage multiple data sources to deliver real-time threat detection, protection and automated response. (Authorized as of May 2025, please reach out to sales for availability) Prisma Cloud Enterprise (SaaS): ● Prisma Cloud - a cloud-native security platform that consistently provides comprehensive visibility into misconfiguration and over-permissive roles, with threat detection and compliance assurance across multi-cloud environments. ○ CSPM ○ Agentless Workload Security ○ CIEM ○ API Visibility ○ Secret Security ○ SCA ○ IaC Security ● Prisma Cloud Compute (Delivered via Prisma Cloud) - a cloud-native platform that delivers cloud workload protection. Prisma Cloud Compute provides holistic protection across hosts, containers, and serverless deployments in any cloud, throughout the software lifecycle. Prisma Cloud Compute protects all workloads regardless of their underlying compute technology or the cloud in which they run. In addition, it provides Web Application and API Security (WAAS) for any cloud native architecture. ○ Cloud Workload Protection ○ Web Application API Security

Palo Alto Networks Government Cloud Services

Authorizations

27

Reuse

91

Service Model

Impact Level

Status

FedRAMP Authorized

Strata Network Security Platform Secure users, apps, and data anywhere— on-premises, in the cloud, or hybrid. Get complete Zero Trust network security to see and secure everything from your headquarters to branch offices and data centers, as well as your mobile workforce. Prisma Access - a Secure Access Service Edge (SASE) that provides scalable, cloud-delivered networking and security to branch offices and remote users. With Prisma Access, agencies are able to rapidly enable consistent, secure connectivity for remote locations and employees. ZTNA Connector - The Zero Trust Network Access (ZTNA) Connector lets you connect Prisma Access to your organization's private apps simply and securely. ZTNA Connector provides mobile users and users at branch locations access to your private apps using an automated secure tunnel. Because the ZTNA Connector sets up the tunnels automatically, you don't have to manually set up IPSec tunnels and routing to the data center or headquarters locations, public cloud locations, and partner networks where your private apps are located. (Authorized as of February 2025, please reach out to sales for availability) Colo Connect - Colo-Connect builds on the Colo-based performance hub concept, offering high-bandwidth (up to 20 Gbps) private connections along with seamless Layer 2/3 connectivity to Prisma Access from existing performance hubs. (Authorized as of February 2025, please reach out to sales for availability) Traffic Replication - We partnered with Google Cloud Platform (GCP) to enable Google Cloud Packet Mirroring outside the Prisma Access security processing node so it wouldn’t interfere with the security inspection efficacy and overall performance of Prisma Access.Google Cloud Packet Mirroring clones the traffic and delivers a line-rate performance with zero impact on current operations. As with any GCP service, traffic cloning enables Prisma Access Traffic Replication to elastically manage the scale of traffic volume for any of the largest organizations. (Authorized as of February 2025, please reach out to sales for availability) 5g SASE - Prisma SASE 5G extends comprehensive zero-trust security to enterprise 5G deployments. Prisma SASE 5G feature integrates zero-trust security with 5G networks, enabling service providers to offer comprehensive SASE services for 5G-connected devices without the complexity of agents or inline hardware. (Authorized as of February 2025, please reach out to sales for availability) Explicit Proxy - Prisma Access provides a complete cloud Secure Web Gateway (SWG) capability, including an Explicit Proxy connection method based in the cloud. If your organization’s existing network already uses explicit proxy and deploys PAC files on your client endpoints, you can smoothly migrate from legacy proxy-based SWG solutions to Prisma Access to secure mobile users’ outbound internet traffic. You can also use an Explicit Proxy if you need to use a proxy for compliance purposes. (Authorized as of February 2025, please reach out to sales for availability) Prisma SD-WAN - a product that provides deep application visibility, with Layer 7 intelligence for network policy creation and traffic engineering. It automates operations and problem avoidance using machine learning and data science methodologies. Prisma SD-WAN enables branch services such as networking and security to be delivered from the cloud, simplifying WAN management. Strata Cloud Manager (SCM) for Prisma Access - a cloud delivered solution used by customers to manage Prisma Access from Palo Alto Networks’ Hub. Strata Cloud Manager allows customers to quickly onboard branches and mobile users through an intuitive and function oriented user experience. Strata Cloud Manager also provides configuration management of Prisma Access’ security policies. (Authorized as of February 2025, please reach out to sales for availability) Cloud Next-Generation Firewall (CNGFW) - Cloud NGFW is Palo Alto Networks ML-powered Next-Generation Firewall (NGFW) capability delivered as a fully managed cloud-native service by Palo Alto Networks on the Amazon Web Services (AWS) and Azure platforms. This deployment model combines the power of the Palo Alto NGFW with the ease of use. The Cloud NGFW service provides advanced application visibility and access control using Palo Alto Networks’ App-ID and URL filtering technologies. It provides threat prevention and detection through cloud-delivered security services and threat prevention signatures. (Authorized as of February 2025, please reach out to sales for availability) AIOps - AIOps harnesses big data from operational appliances and has the unique ability to detect and respond to issues instantaneously. Using the power of ML, AIOps strategizes using the various forms of data it compiles to yield automated insights that work to refine and iterate continually. AIOps seeks to address a quickly evolving IT landscape using the convenience of machine learning, automation and big data. (Authorized as of February 2025, please reach out to sales for availability) Remote Browser Isolation (RBI) - Fully isolate zero-day web attacks far away from local devices and browsers. Deliver superior browser isolation without sacrificing web performance with Palo Alto Network’s RBI, which combines the latest isolation technologies with proprietary technologies and creates a no-code execution channel between users and web content. (Authorized as of February 2025, please reach out to sales for availability) Strata Logging Service (SLS, formerly CDL) - collects, normalizes, and integrates data from Palo Alto Networks products with public cloud scale. WildFire - an analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis and innovative machine learning techniques to detect and prevent even the most evasive threats. It is a subscription service that works with the Palo Alto Networks Next Generation Firewalls (including VM-Series and CN-Series), Prisma Access, Prisma Cloud, Cortex XSIAM, and Cortex XDR. SaaS Security (API, Inline, SSPM) - is an integrated CASB (Cloud Access Security Broker) solution that helps Security teams meet the challenges of protecting the growing availability of sanctioned and unsanctioned SaaS applications and maintaining compliance consistently in the cloud while stopping threats to sensitive information, users and resources. SaaS Security Inline helps discover and manage risks posed by unsanctioned SaaS applications while SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured security settings in sanctioned SaaS applications through continuous monitoring. Inline DLP - serves as a data security service integrated with various Palo Alto Networks services (called channels) such as SaaS Security, Prisma Access, Prisma Cloud, and the Next Generation Firewall platform to provide data security at these various enforcement points. These channels send files to the DLP service via APIs, where DLP will scan the file, perform analysis to detect sensitive data in violation of customer policies in the file, and return this verdict and other data back to the channel. The channel then uses this information to take remedial action in order to protect sensitive data. Email DLP - Enterprise DLP prevents exfiltration of emails containing sensitive information with AI/ML powered data detections. For example, Enterprise DLP can prevent exfiltration of sensitive data over an outbound email sent from a salesperson within your organization to their personal email. (Authorized as of February 2025, please reach out to sales for availability) ACE - a generic platform that enables the firewall or Panorama to download App-IDs from the cloud for applications that do not have specific predefined App-IDs from the Palo Alto Networks content releases. CIE - Identity-based security controls are a foundational requirement to achieve Zero Trust. Palo Alto Networks Cloud Identity Engine is an entirely new cloud-based architecture for identity-based security that can consistently authenticate and authorize your users, regardless of location and where user identity stores live - on-premises, in the cloud, or hybrid. As a result, security teams can effortlessly allow all users access to applications and data everywhere and quickly move toward a Zero Trust security posture. IoT Security - Protects your IoT attack surface with the industry’s smartest IoT Security solution delivering ML-powered visibility, prevention, and zero-trust enforcement in a single platform. IoT Edge Cloud now included. MSP for Prisma SASE - a set of two services (pa-passthru-api-service and pa-custom-api-service) that provide APIs to support the following functionality: Aggregate application, application usage, threats and URL metrics across tenants in a tenant hierarchy Constrain the list of tenants being aggregated to the list of tenants that are authorized for the user in question App Services (Hub, API Gateway, Visualization & Reporting, Prisma Access Insights) API Gateway supports unified access to the open APIs of PANW SASE applications. Currently, API Gateway is used by Cloud Management Prisma Access, SD-WAN, Cortex Data Lake (CDL), and Prisma Access Insights customers. Working in conjunction with PANW Global IdP (Identity Provider), which provides authentication services, API Gateway provides authorization services for RESTful API and routing those APIs to multiple applications and regions. Prisma Access Insights is a comprehensive platform for global visibility and monitoring for the Prisma Access service. It continuously monitors the health and performance of your Prisma Access environment with Insights in the Prisma Access app. Telemetry Data Ingestion from Prisma Access Firewalls Firewall Log Data Ingestion from Cortex Data Lake Data Analyzation and Processing Pipelines Data Presentation to User via Prisma Access UI Data retrieval via API service Visualization & Reporting is the security visualization and reporting product for network security use cases. It provides dashboards to end users to monitor and understand the security of their networks and how different security subscriptions from Palo Alto Networks are performing. Advanced Threat Prevention (ATP) - Advanced Threat Prevention Powered by Precision AI defends your network against both commodity threats—which are pervasive but not sophisticated—and targeted, advanced threats perpetuated by organized cyber adversaries. Advanced Threat Prevention includes comprehensive exploit, malware, and command-and-control protection, and Palo Alto Networks frequently publishes updates that equip the firewall with the very latest threat intelligence. (Authorized as of February 2025, please reach out to sales for availability) Prisma Access Browser (PAB) - The Prisma Access Secure Enterprise Browser (Prisma Access Browser) is a browser designed specifically for enterprise use and is fortified with security features to protect users and organizations against cyber threats like phishing, malware, eavesdropping, and data exfiltration. Prisma Access Browser is the only solution that secures both managed and unmanaged devices, through a natively integrated enterprise browser that extends protection to the devices by placing security in the browser. (Authorized as of February 2025, please reach out to sales for availability) Cortex Palo Alto Networks offers the industry’s most comprehensive product portfolio for security operations, empowering organizations and agencies with best-in-class detection, investigation, automation, and response capabilities. Cortex XDR - a cloud-based service providing a prevention, detection and response platform that integrates network, endpoint, and cloud data to stop sophisticated attacks. Cortex XDR leverages logs, alerts, and information from Palo Alto Networks and third-party security products. It also enforces security policies on endpoints, preventing malware and data loss. Cortex XDR correlates security alerts and network logs with the endpoint processes that generated the alerts, allowing customers to investigate security alerts, as well as search for and remotely respond to threats. Cortex Xpanse - an active attack surface management solution that helps your organization discover, understand and respond to unknown risks in all internet-connected systems and services. Xpanse scans the entire internet automatically and continuously, discovering and indexing previously unknown risks, using supervised ML models to continuously map your attack surface and prioritize remediation efforts, while reducing MTTR with the help of built-in automated playbooks. Cortex XSIAM - a cloud-delivered, integrated SOC platform that unifies key functions, including EDR, XDR, SOAR, ASM, UEBA, TIP, and SIEM, consolidating multiple products into a single, integrated platform. XSIAM delivers an intelligent data foundation by integrating telemetry from any source, providing unified security operations across any hybrid IT architecture. Cortex XSOAR - a comprehensive security orchestration, automation, and response (SOAR) platform that unifies case management, automation, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle. Cortex Cloud - a unified security platform that enhances application security, cloud posture management and runtime protection. It integrates AppSec, identity, data, cloud infrastructure, and workload security while providing a code-to-cloud-to-runtime-to-SOC approach. With a strong shift-left strategy, it enables proactive remediation using both in-house and third-party tools. The Cloud Detection and Response (CDR) capabilities leverage multiple data sources to deliver real-time threat detection, protection and automated response. (Authorized as of February 2025, please reach out to sales for availability) Prisma Cloud Enterprise (SaaS) We secure applications from code to cloud, enabling security and DevOps teams to collaborate effectively and accelerate secure cloud-native application development and deployment. Prisma Cloud - a cloud-native security platform that consistently provides comprehensive visibility into misconfiguration and over-permissive roles, with threat detection and compliance assurance across multi-cloud environments. CSPM Agentless Workload Security CIEM API Visibility Secret Security SCA IaC Security Prisma Cloud Compute (Delivered via Prisma Cloud) - a cloud-native platform that delivers cloud workload protection. Prisma Cloud Compute provides holistic protection across hosts, containers, and serverless deployments in any cloud, throughout the software lifecycle. Prisma Cloud Compute protects all workloads regardless of their underlying compute technology or the cloud in which they run. In addition, it provides Web Application and API Security (WAAS) for any cloud native architecture. Cloud Workload Protection Web Application API Security

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Paperless Innovations, with our Actus solution, has repositioned GPC utilization and funds management processes as a government-wide shared service under the auspices of Treasury Management available on the FM QSMO Marketplace. Actus is eligible for direct award under pre-competed terms on GSA MAS contract # 47QTCA24D002X utilizing SIN 518210FM (Financial Management) and 54151ECOM (Ecommerce). Our end-to-end (E2E) process optimizations are inclusive of requisitions, obligations, order and transaction processing, settlements, close-out of commitments, records management, and audit. Agencies benefit operationally by adopting FedRAMP secured Cloud-based Government Purchase Card (GPC) processes supporting accurate and timely close-outs of commitments in their preferred financial system. Paperless Innovations, Inc. is committed to enabling GPC spend under management to improve the efficiency and accuracy of government purchase card programs as a compliant financial instrument on par with all Treasury disbursements. Actus eliminates improper payments in the GPC Program utilizing secure, best of breed practices including RPA workflow automations, intelligent digital document authentication with data validation on required forms and attachments, providing financial accuracy and reliability with real-time status of funds, automated reconciliation, and inherent internal controls enforcement. Actus is currently in daily use by thousands of government cardholders and Approving Officials with implementations including end-to-end regulatory and compliance automation for Purchase Card Program Management, cardholders, and associated approvers, requestors, financial managers, and auditors. As directed in OMB Memorandum A-123, Appendix B, Risk Management Guidelines for Government Purchase Card Programs, Agencies should seek cloud automation solutions enabling GPC financial management, internal controls, and prevention of improper payments in avoidance of fraud, waste, and abuse. The OMB guidance is based on 3 pillars of operational excellence: Accountability, Compliance, and Transparency. - Accountability - Actus helps agencies paint a complete and total picture of each expense, eliminating guesswork, human error, and manual data entry tracking. Workflow automations ensure all Agency policies supporting separation of duties, improper payments reduction, and avoidance of split purchases are inherently enforced. - Compliance - Simplified, structured data is at the heart of compliance automation ensuring adherence to Agency policies and acquisition regulations. The Actus solution streamlines and automates oversight processes while maintaining rich transactional records for instant audit reporting. Actus furthers the regulatory mission of each agency with intelligent digital document processing using AI for records authentication, validation, retention, and disposal of purchase records presented as supporting documentation by cardholders. Adoption of Actus itself satisfies and supplements Federal paperless mandate compliance as well as DATA Act, IPERA, IPERIA, Public Law 115 The Evidence Act, M-19-16 Shared Services, A-11 Preparation, Submission, and Execution of the Budget, and more. - Transparency - Actus enables real time visibility over the status of funds in Government Purchase Card Programs, enabling Agencies to maximize GPC purchasing efficiency throughout the entire federal fiscal year. Actus presents role-specific dashboards enabling full visualization of all workflow processes, transactional data, and documents on a need-to-know, right-to-know basis. Audit automation occurs with every upload of bank transactions without requiring manual packet creation by cardholders and enables inspection of every detail of each purchase made within a selected time frame in a unified, streamlined format. Actus elevates GPC financial management to the level of any other public funds obligation, supports accounting with financial system integration, enables informed budgeting with detailed item level transaction data, configures and customizes instant reporting, and unlocks actionable data for analytics, records examination, and transactions investigation. Actus increases Agency confidence to maximize refunds with daily bill pay and enables the use of purchase cards up through $25,000 in coordination with blanket purchases and standing orders. P-Card Compliance Automation Features: - Custom Approval Workflows - Financial Data Capture - Full Lifecycle Spend Tracking - Cloud Storage of Reconciliation Packets - Dashboard Visualization of data & documents - Automated Reconciliation Statements - Structured Item Level (Level 3) Data - Merchant Class Code Tracking - Suspicious Pattern & Activity Detection - Alerts for Each Stage of Transaction - Transactional Keyword Search - Bank Statement Transaction Matching - Auto-Matched Transactions - Travel Expense Tracking and Management - Daily, Weekly, or Monthly Reconciliation - PIV/CAC authentication - Simplified documentation in support of G-Invoicing - Live Agent Contact Center and Customer Services - Actus web app runs on all modern browsers

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

The Paramify Cloud (Paramify) is a software platform that automates risk management processes—including compliance planning, solution implementation, gap assessments, and documentation—for cloud service providers, government agencies, and members of the Defense Industrial Base (DIB). Paramify supports adherence to control catalog requirements including NIST 800-53 (FedRAMP, FISMA, GovRAMP, TX-RAMP), NIST 800-171 (CMMC), and standards such as SOC 2, HIPAA, and ISO 27001, with support for additional catalogs and profiles continually expanding. SSP and ATO Package Management ∙ Fast and Easy Setup: Upload previous SSPs or use the intake process to identify your system’s elements and security capabilities. Paramify then generates a roadmap to support your risk management and compliance objectives. ∙ Streamlined Control Implementation & Optimization: Visualize progress and manage security program capabilities through a unified dashboard that tracks system elements and responsibilities. ∙ ATO Package Generation: Produce accurate SSP documentation in both digital (OSCAL) and human-readable formats, with flexible export options that support various file types, including but not limited to OSCAL, PDF, Word, and Excel. ∙ Incorporate Changes Efficiently: As your risk management approach evolves, maintaining stack profiles in Paramify reduces manual update errors across documentation. Paramify automatically synchronizes updates to your SSP, CRM, CIS, policies, procedures, and other records to support compliance with evolving data protection requirements. Continuous Monitoring and Issue Management ∙ Automated POA&M Documentation: Automatically manage and update POA&M documentation via a centralized task-priority view, eliminating the need to manage from multiple spreadsheets or scan files. ∙ Vulnerability Management with Duplicate Detection: Automatically close resolved vulnerabilities and employ duplicate detection to ensure accurate issue tracking. ∙ Automated Risk Adjustment: Apply risk adjustments across multiple issues automatically to support consistent prioritization of remediation efforts. ∙ Automated Inventory Reconciliation: Configure and maintain inventory reconciliation rules to generate accurate workbooks automatically, without manual review of scan files—including those for ephemeral virtual hosts. Integration with Your Organization’s Processes ∙ Workflow Management: Integrate with issue management tools (e.g., Jira, ServiceNow, GitLab) to facilitate collaboration between DevOps and security teams for timely issue remediation. ∙ Evidence Management: Unified evidence approach that minimizes or eliminates duplicate collection efforts. ∙ API Integrations: Paramify’s open API supports custom integrations with system components to facilitate connectivity and interoperability. Available in SaaS and self-hosted implementations.

Palladium (PerformanceFIT2)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Pearson Federal Cloud System

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Pega Cloud for Government

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

TransAccess GovCloud Records (GCR)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Gov Cloud Records (GCR) Service Description: The Gov Cloud Records (GCR) system, developed and maintained by Peniel Solutions LLC, is a Software-as-a-Service (SaaS) solution hosted within the AWS FedRAMP-authorized GovCloud environment. The GCR platform is designed to support secure electronic records management for federal agencies, aligning with NARA and HUD requirements. The GCR CSO includes the following components, functions, and features within its FedRAMP authorization boundary: a. User Access and Identity Management: Role-based access control (RBAC) is enforced using AWS Identity and Access Management (IAM) and internal policies. Multi-factor authentication (MFA) is required for all users, with session timeouts and account lockout mechanisms in place. b. Data Protection: All data is encrypted at rest and in transit using FIPS 140-2 validated cryptographic modules. AWS Key Management Service (KMS) is used for key management. c. Audit and Logging: Comprehensive audit logging is implemented using AWS CloudTrail and CloudWatch. Logs capture user activity, system events, and security-relevant actions, and are retained in accordance with M-21-31. d. System Monitoring and Incident Response: Continuous monitoring is conducted using AWS-native tools (e.g., GuardDuty, CloudWatch). An incident response plan is in place, aligned with NIST SP 800-61. e. Configuration and Change Management: Configuration baselines are maintained using AWS System Manager and GitHub repositories. Changes are managed through a formal change control process with impact analysis and rollback capabilities. f. Contingency Planning: GCR implements automated backups using AWS Backup, with recovery objectives defined to ensure continuity of operations. Alternate processing and storage sites are provisioned within AWS GovCloud. g. Security Training and Awareness: All personnel undergo annual security awareness and role-based training. Training records are maintained internally and reviewed regularly. h. Boundary Definition: The authorization boundary includes all components hosted within AWS GovCloud, including EC2 instances, S3 storage, RDS databases, and associated networking and security services. No external systems or users are permitted access. This service description reflects only the features and components that are tested and accredited as part of the FedRAMP authorization boundary

Next Generation Cloud Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Perceptyx Insights Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Pexip Government Cloud (PGC)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Pexip Government Cloud is a SaaS-based video teleconferencing (VTC) solution for U.S. federal, state, and local government organizations. With Pexip, government customers can augment their existing on-premise VTC infrastructure with a subscription-based service model while retaining ownership of their specific endpoint dial plan and call control routing rules. By migrating to a SaaS or hybrid service model, government organizations maintain operational control of their endpoints and systems without incurring the long-term costs of developing and maintaining additional infrastructure. Pexip Government Cloud’s secure VTC platform brings the modernized meeting experience to the government user base in the following ways: • Microsoft-certified Cloud Video Interoperability (CVI) for Microsoft Teams – Helps agencies securely collaborate on Microsoft Teams in their hybrid workplace. With Pexip Government Cloud, employees can join Microsoft Teams calls from their existing standards-based meeting room video systems as well as enterprise-class standards-based soft clients. • Bi-Directional SIP Dialing for Windows-Based Microsoft Teams Rooms (MTRw) – Expanding on Pexip’s CVI capability, this feature enables SIP-based video conferencing endpoints to call directly into Microsoft Teams Rooms (MTR) running on Windows, and vice versa. This allows government agencies to integrate MTRw into their broader VTC ecosystem, ensuring seamless cross-platform collaboration. • Google Meet Interoperability – Enables agencies to seamlessly connect standards-based VTC systems directly into Google Meet meetings using native SIP dialing. This allows government users to leverage existing room-based video conferencing hardware to join Google Meet sessions without additional plugins or workarounds, ensuring a secure, seamless, and familiar meeting experience. • Standards-Based Virtual Meeting Rooms (VMRs) – Supports customer VTC endpoint devices and clients, featuring Pexip’s native CMVP-validated FIPS 140-3 encryption suite, ensuring secure and compliant video communications. • Self-Hosted Platform Integration – Enables hybrid VTC deployments where Pexip Government Cloud extends the customer’s existing self-hosted platform. This integration allows VTC systems to seamlessly connect with enterprise third-party applications, support calendaring integrations for simplified end-user join flows, and align with global policy frameworks such as Zero Trust Architecture (ZTA) and Secure Access Service Edge (SASE).

Authorizations

10

Reuse

9

Service Model

Impact Level

Status

FedRAMP Authorized

Pitney Bowes SendPro 360 Sending, Receiving, and Locker Management Solution Pitney Bowes SendPro 360 is a comprehensive, cloud-based sending, receiving, locker management, and analytics solution that powers your mailroom operations for maximum efficiency and transparency. Multi-Carrier Shipping and Mailing SendPro 360 makes mailing and shipping quick and easy by empowering departments with the flexibility to send in the way that’s right for them. Users save time and money by printing stamps directly from the online interface and by accessing SendPro 360 multi-carrier shipping functionality to compare rates and print labels across major carriers. The ability to track spend and activity by account or department, facilitates project or departmental chargebacks for accurate accounting. SendPro360 includes a dedicated certified and electronic return receipt (ERR) and registered mailing process with proof of delivery reporting. Also, qualified users can prepare ship requests for packages sent to the mailroom for processing. Package Receiving, Tracking and Delivery The SendPro 360 platform automates the process of receiving, tracking, and delivering incoming packages and mail through a simple scan of a barcode. Manually logging items instantly becomes a process of the past. It can configure delivery routes, provide lists of packages, and has the ability to manage assets. Package tracking notifications via email and SMS as well as SLA management simplify and enhance the experience. -The SendPro 360 platform automates the process of receiving, tracking, and delivering incoming packages and mail through a simple scan of a barcode. Smart Locker Management Effectively manage the delivery process of packages, assets, and other important items moving across your organization with SendPro 360 Smart Locker Management capabilities. This software solution is the intelligence behind a physical smart locker and helps ensure safe, secure contactless delivery. It modernizes the pickup process by enabling convenient 24/7 self-service locker access and automates alerts notifying recipients they have an item for pickup while preserving chain-of-custody. Our Smart Locker Management Software allows users to remotely manage or troubleshoot smart lockers across a single site or multiple locations. Plus, it offers extensibility ensuring seamless expansion to additional workflows to meet evolving needs. -These solutions will require customer-provided hardware and will require assessment, authorization, and continuous monitoring of such capabilities by using agencies. Pitney Bowes has the technical expertise to help determine which hardware best meets agency needs and to assist with agency authorization and approval processes. Analytics From smaller mailrooms to multi-location operations, SendPro 360 offers complete visibility into your receiving and sending operations. Dynamic views can be filtered by divisions, locations, cost accounts, and users, across any date range. View and manage postage and shipping spend, and gain insights to your receiving and locker metrics all the way through final delivery to ensure packages and mail are accounted for and delivered on time. Gauge performance, operator efficiency, and resource utilization to ensure service level agreement (SLA) metrics are being met. To locate a package, SendPro 360 provides end-to-end tracking of packages, locker activity, as well as shipping and mailing activity across your government agency.

PlanStreet Case Management System

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Point Blue Science Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

PowerCore™ (PC-GOV)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

PowerTrain Government Learning Enclave - SaaS

Authorizations

17

Reuse

16

Service Model

Impact Level

Status

FedRAMP Authorized

The PowerTrain Government Learning Enclave is a secure cloud environment that hosts the PowerTrain Learning Ecosystem of Software-as-a-Service (SaaS) solutions, including the Callisto Learning Platform powered by Moodle™, Career Voyager Talent Management Platform, LMS-Express, SecureWiki, Drupal™ Secure Baseline for Government, Veracity LRS, and Rustici Content Controller. All applications offer multi-factor authentication and single sign-on options. The Callisto Learning Platform powered by Moodle™ is hardened and secured for government use to provide a comprehensive suite of learning delivery and management tools for enterprises large and small. Included in its approved baseline are the current Moodle™ long term release; Electronic Human Resource Integration (EHRI) data collection and reporting; integrated Authorization, Agreement, and Certification of Training Form (SF-182); Individual Development Plans (IDP); comprehensive registration management for live learning events with adjustable workflow, wait list management, and automated notifications; competency management; lesson plans; mandatory training compliance; configurable reports; and support for multiple tenants. The Career Voyager Talent Platform includes Career Mapping, Leadership Succession Planning, Candidate Review, and PowerSurvey. Career Mapping enables users to map a progressive career ladder of job opportunities within an organization, as well as view skills, abilities, competencies, recommended training, and developmental activities necessary to progress from one position to another; Leadership Succession Planning resources, assessments, tools, and reference materials to promote self-discovery, accelerate career advancement, and support leadership development; Candidate Review System supports talent acquisition efforts for fellowships, technical internships, and other multi-phase, interactive application processes; and PowerSurvey supports a variety of employee data collection and secure reporting efforts. LMS-Express is a powerful, lightweight learning management system designed for targeted asynchronous eLearning content delivery. SecureWiki is a hardened and secure version of MediaWiki™ and includes additional functionality to support the unique reporting requirements of government users. Our Drupal™ Secure Baseline for Government is a hardened and secure version of Drupal™ and includes a number of Drupal™ modules cleared for use in the baseline with the ability to extend functionality. Veracity LRS is a robust solution designed to capture, store, and return data about learning experiences in compliance with the Experience API (xAPI) specifications. It serves as a central repository for learning records, enabling detailed tracking and analysis of learner activities across the components of the PowerTrain Learning Ecosystem. With powerful analytics capabilities, the LRS allows organizations to provide a comprehensive view of learning outcomes and effectiveness, enabling educators to make informed decisions to enhance learning strategies and improve overall educational outcomes. Rustici Content Controller ensures uniform access to training materials such as SCORM 1.2, SCORM 2004 (2nd, 3rd, & 4th editions), AICC, xAPI, cmi5, MP3, MP4, and PDF, enhancing the interoperability and efficiency of content delivery without the need for duplicating course files. This capability not only streamlines the management of eLearning content but also supports seamless, secure, and scalable training deployments. Event Registration System supports online registration for live and virtual events. Moodle™ is a registered trademark of Moodle Pty Ltd or its related affiliates. Drupal™ is a registered trademark of Dries Buytaert. MediaWiki™ is a registered trademark of the Wikimedia Foundation.

Data Integrity Suite

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Privoro Fulcrum Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

The Project Hosts “GSS One-AWS” PaaS is a Government Only general support system deployed on AWS GovCloud. The GSS One-AWS is composed of systems and services that manage access control, authentication, auditing, monitoring, scanning, patching, configuration management, malware prevention, intrusion prevention, incident response, backup, and disaster recovery for each Application deployed on the GSS One-AWS. All of the systems that make up the GSS1-AWS and the Project Hosts engineers that administer the systems can be leveraged by any customers to meet the security requirements for their systems at FedRAMP High or Il4 Impact levels. There are three main SaaS components customers deployed on the GSS One-AWS system can leverage and are provided by default: - GSS One Portal/Admin Page: The GSS One Portal is a page where customer users and PH support can login to create and manage non privileged users for their organization including revoking access. It also provides them with the ability to upload software binaries to the test environment and screenshots and other supporting artifacts required for support tickets. The GSS One Admin page is accessible only to PH engineers and is used for managing inventory, privileged user maintenance windows and account creation and JIT access and has dashboards for PH engineers to provide a centralized view of each environment. - GSS One Ticketing System: Project Hosts has configured a customer facing support portal for creating and managing support tickets. This allows customers to view all of their relevant tickets, create tickets, upload screenshots and communicate with PH staff through a secure channel. - GSS One Console: GSS One Console is a one stop shop for agency and CSP customers to view relevant information for their system and aid in implementing and maintaining ConMon requirements including a document repo for SSP and appendixes, POA&Ms and vulnerability scans, allows them to manage training, track incidents, track vulnerabilities and other corrective actions, track red teaming activities, view availability monitoring alerts, change control ticketing, link controls to artifacts and evidence to speed up ATO times, centralized up to date contact lists. There are two main types of customers who use the GSS One-AWS: (i) Independent Software Vendors (ISVs) deploying multitenant SaaS applications and (ii) Federal, state or local agencies deploying dedicated applications just for their agency or organization (not multitenant). For both types of customers, their applications are deployed on customer-dedicated virtual servers (or FedRAMP authorized AWS PaaS services) inside customer-dedicated subnets. VPC Firewall access controls ensure that each customer's subnet is completely isolated from and has no access to any other customer's subnet. For GSS One-AWS customers, Project Hosts also provides services that are over and above the PaaS offering described in the GSS One- AWS FedRAMP package and are provided by Project Hosts as a managed service provider for those workloads leveraging the FedRAMP authorized GSS1-AWS tools and services to provide that functionality. Namely, Project Hosts deploys, secures, manages, and provides continuous monitoring for applications that are compatible with the GSS One-AWS architecture, authentication, operating system, database, and access requirements. Many ISVs do not have the staff or knowledge to fully deploy a cloud workload, write security documentation, refactor the application to meet compliance requirements and work with agencies and the PMO to obtain a FedRAMP authorization which leads to wasted time, money, and resources both for government sponsors and the ISVs. Project Hosts works with these software vendors and agencies to quickly deploy the application to the cloud and build out and manage the system for the customers which includes acting as the security and compliance team for the application. In addition, Project Hosts works with these software vendors to document security controls, perform compliance reviews, perform disaster recovery, and advises the ISV on how refactor the application to meet FedRAMP requirements. Project Hosts security compliance team also performs monthly vulnerability scanning include ACAS scans, dynamic web app scans and container image scans and documents and tracks these findings in accordance with continuous monitoring requirements. Among other things the Project Hosts team also performs (for each customer deployed within the GSS1-AWS) monthly baseline compliance scanning, configuration management, patch and vulnerability management, malware prevention and intrusion prevention using HBSS software, incident response reporting, analysis, eradication, and recovery as well as all SOC review and analysis of audit logs and responding/investigating alerts for suspicious activity. Project Hosts deploys systems to monitor workloads for availability and performance issues and proactively take action to ensure maximum uptime and availability. Performing these functions on the ISVs’ behalf allows the software vendors to focus on their core business model in delivering a secure, highly functional application to the agency. For ISV customers, Project Hosts also creates their SaaS-level FedRAMP or DoD package, helps them throughout the agency authorization process, and manages their 3PAO annual assessments. For agency customers or DoD Mission partners, Project Hosts assists them in the creation of their own SSP, manages annual 3PAO scanning and penetration testing of their dedicated applications, and provides a monthly application-level POA&M. Following is a partial list of applications for which Project Hosts is providing these services over and above the GSS One-AWS platform: - San Luis Aviation, Inc. (ESChat) - FutureFeed (FutureFeed) - H20.ai (H20 AI Cloud) - JAMIS (JAMIS Prime) - Telcloud (Telcloud) - Caveonix (Caveonix SaaS Platform) If an agency would like to use one of these Applications or bring in another GSS One-AWS compatible Application, Project Hosts will provide application-level artifacts that will help the agency or mission partner assess the risk of deploying that application in the GSS1-AWS as well as any other documentation or evidence required in order to grant an Authority to Operate (ATO).

GSS One - Azure

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

GSS One-Azure (GSS1-AZ) is delivered as a hybrid offering using a multi-tenant PaaS cloud computing environment. It is available to both private and multitenant customers deployed per the agencies preference and agreements and can be utilized by the following audiences: the public, federal, DoD, state, local, and tribal governments, as well as research institutions, federal contractors, government contractors etc.)]. The Project Hosts “GSS1-AZ” PaaS is a Government Only General Support System (GSS) deployed on Azure Government. GSS1-AZ is composed of systems and services that manage access control, authentication, auditing, monitoring, scanning, patching, configuration management, malware prevention, intrusion prevention, incident response, backup, and disaster recovery for each application leveraging the GSS1-AZ. All of the systems that make up the GSS1-AZ and the Project Hosts engineers that administer the systems can be leveraged by any customers to meet the security requirements for their systems. There are three main SaaS components customers deployed on the GSS One-Azure system can leverage: - GSS One Portal/Admin Page: The GSS One Portal is a page where customer users and PH support can login to create and manage non privileged users for their organization including revoking access. It also provides them with the ability to upload software binaries to the test environment and screenshots and other supporting artifacts required for support tickets. The GSS One Admin page is accessible only to PH engineers and is used for managing inventory, privileged user maintenance windows and account creation and JIT access and has dashboards for PH engineers to provide a centralized view of each environment. - GSS One Console: GSS One- Console is a one stop shop for agency and CSP customers to view relevant information for their system and aid in implementing and maintaining ConMon requirements including a document repo for SSP and appendixes, POA&Ms and vulnerability scans, allows them to manage training, track incidents, track vulnerabilities and other corrective actions, track red teaming activities, view availability monitoring alerts, change control ticketing, link controls to artifacts and evidence to speed up ATO times, centralized up to date contact lists. - GSS One Ticketing System: Project Hosts has configured a customer-facing support portal for creating and managing support tickets. This allows customers to view all of their relevant tickets, create tickets, upload screenshots and communicate with PH staff through a secure channel. There are two main types of customers who use the GSS1-AZ: (i) Independent Software Vendors (ISVs) deploying multitenant SaaS applications and (ii) Federal, state, or local agencies deploying dedicated applications just for their agency or organization (not multitenant). For both types of customers, their applications are deployed on customer-dedicated virtual servers (or FedRAMP-authorized Azure PaaS services) inside customer-dedicated subnets. Network Security Group firewall access controls ensure that each customer's systems are completely isolated from and has no access to any other customer's subnet. For GSS1-AZ customers, Project Hosts also provides services that are over and above the PaaS offering described in the GSS1-AZ FedRAMP package. Namely, Project Hosts deploys, secures, manages, and provides continuous monitoring for applications that are compatible with the GSS1-AZ architecture, authentication, operating system, database, and access requirements. Many CSPs do not have the staff or knowledge to fully deploy a cloud workload, write security documentation, refactor the application to meet compliance requirements and work with agencies and the PMO to obtain a FedRAMP authorization which leads to wasted time, money, and resources both for government sponsors and the ISVs. Project Hosts works with these software vendors and agencies to quickly deploy the application to the cloud and build out and manage the system for the customers which includes acting as the security and compliance team for the application. In addition, Project Hosts works with these software vendors to document security controls, perform compliance reviews, perform disaster recovery, and advises the ISV on how refactor the application to meet FedRAMP requirements. Project Hosts security compliance team also performs monthly vulnerability scanning include ACAS scans, dynamic web app scans and container image scans and documents and tracks these findings in accordance with continuous monitoring requirements. Among other things the Project Hosts team also performs (for each customer deployed within the GSS1-AZ) monthly baseline compliance scanning, configuration management, patch and vulnerability management, malware prevention and intrusion prevention using HBSS software, incident response reporting, analysis, eradication, and recovery as well as all SOC review and analysis of audit logs and responding/investigating alerts for suspicious activity. Project Hosts deploys systems to monitor workloads for availability and performance issues and proactively take action to ensure maximum uptime and availability. Performing these functions on the ISVs’ behalf allows the software vendors to focus on their core business model in delivering a secure, highly functional application to the agency. For CSP customers, Project Hosts also creates their SaaS-level FedRAMP package, helps them throughout the agency authorization process, and manages their 3PAO annual assessments. For agency customers, Project Hosts assists them in the creation of their own SSP, manages annual 3PAO scanning and penetration testing of their dedicated applications, and provides a monthly application-level POA&M. Following is a partial list of applications for which Project Hosts is providing these services over and above the GSS One-Azure platform: 1E (1E Tachyon Platform) Archive360 (Archive2Azure) AvePoint (AvePoint Online Services for US Government) Aztec (Aztec Learning System) Bingli (Bingli) Blue Prism (Blue Prism) BrightWork (BrightWork SharePoint-based Project Management) Cardinal Engineering (ShockIQ) C3 AI (C3 AI Suite) Checkmarx (CxSAST Source Code Scanner) CTERA Networks (CTERA Edge Filer, CTERA Drive, CTERA Portal) Conga (Contract Lifecycle Management, X-Author and Conga Approvals) Creative Veteran Productions (Fed ILMS) Davra (WebEx Legislate, Internet of Things) Distributed Solutions Inc. (AEON) Drupal (Drupal CMS) Ephesoft (Transact) Feith Systems and Software Inc. (RMA iQ™) FlowVU (FlowVU Collaboration) Gimmal (Gimmal Records Management) Idea Entity (RhyBus Platform) Image Trend (Elite, Report Writer (RW), Continuum (CT), Licensure, Slate) Invoke (UiPath Orchestrator and RPA) Ivanti (MDM, Access, Neurons) Kofax (Control Suite, Kofax TotalAgility, Kofax Robotics Process Automation) Lexmark (Managed Print Service, Lexmark Print Management) LMI (ATLAS by LMI) Librestream Technology (Onsight Now) Microsoft (Office, Dynamics, Power BI Server, Project Server, SharePoint, SSRS) NIBS/ OM Group Inc. (ProjNet™) Nintex (K2 Five, Workflow Cloud) Nintex (Nintex Automation GE Platform) Nuance (Dragon Suite, DAX CoPilot) OneSpan (OneSpan Sign) Orbus Software (OrbusINFINITY) Permuta (Defense Ready) Power Settlements Consulting and Software, LLC (PowerCore™) ProSymmetry Quest Software, Inc. (On Demand Solution, Security Guardian, Disaster Recovery for Identities) Relocation Management Worldwide (Virtual Employee Network) Synergist Technology, LLC (AFFIRM Solution for AI Compliance, SAS® VIYA®) UMT360 (SharePoint-based Enterprise Portfolio Management) Veritas (eVault, eDiscovery, Merge1) Wellspring (Accolade Enterprise Innovation Management, Sophia) WillCo Tech (CyberSTAR™) WordPress (WordPress CMS) WordPress As a Service (WPaaS) If an agency would like to use one of these Applications or bring in another GSS One-Azure-compatible Application, Project Hosts will provide application-level artifacts that will help the agency assess the risk of deploying that application in the GSS One-Azure as well as any other documentation or evidence required in order to grant an Authority to Operate (ATO).

GSS One - Azure

Authorizations

6

Reuse

30

Service Model

Impact Level

Status

FedRAMP Authorized

GSS One-Azure (GSS1-AZ) is delivered as a hybrid offering using a multi-tenant PaaS cloud computing environment. It is available to both private and multitenant customers deployed per the agencies preference and agreements and can be utilized by the following audiences: the public, federal, DoD, state, local, and tribal governments, as well as research institutions, federal contractors, government contractors etc.)]. The Project Hosts “GSS1-AZ” PaaS is a Government Only General Support System (GSS) deployed on Azure Government. GSS1-AZ is composed of systems and services that manage access control, authentication, auditing, monitoring, scanning, patching, configuration management, malware prevention, intrusion prevention, incident response, backup, and disaster recovery for each application leveraging the GSS1-AZ. All of the systems that make up the GSS1-AZ and the Project Hosts engineers that administer the systems can be leveraged by any customers to meet the security requirements for their systems. There are three main SaaS components customers deployed on the GSS One-Azure system can leverage: - GSS One Portal/Admin Page: The GSS One Portal is a page where customer users and PH support can login to create and manage non privileged users for their organization including revoking access. It also provides them with the ability to upload software binaries to the test environment and screenshots and other supporting artifacts required for support tickets. The GSS One Admin page is accessible only to PH engineers and is used for managing inventory, privileged user maintenance windows and account creation and JIT access and has dashboards for PH engineers to provide a centralized view of each environment. - GSS One Console: GSS One- Console is a one stop shop for agency and CSP customers to view relevant information for their system and aid in implementing and maintaining ConMon requirements including a document repo for SSP and appendixes, POA&Ms and vulnerability scans, allows them to manage training, track incidents, track vulnerabilities and other corrective actions, track red teaming activities, view availability monitoring alerts, change control ticketing, link controls to artifacts and evidence to speed up ATO times, centralized up to date contact lists. - GSS One Ticketing System: Project Hosts has configured a customer-facing support portal for creating and managing support tickets. This allows customers to view all of their relevant tickets, create tickets, upload screenshots and communicate with PH staff through a secure channel. There are two main types of customers who use the GSS1-AZ: (i) Independent Software Vendors (ISVs) deploying multitenant SaaS applications and (ii) Federal, state, or local agencies deploying dedicated applications just for their agency or organization (not multitenant). For both types of customers, their applications are deployed on customer-dedicated virtual servers (or FedRAMP-authorized Azure PaaS services) inside customer-dedicated subnets. Network Security Group firewall access controls ensure that each customer's systems are completely isolated from and has no access to any other customer's subnet. For GSS1-AZ customers, Project Hosts also provides services that are over and above the PaaS offering described in the GSS1-AZ FedRAMP package. Namely, Project Hosts deploys, secures, manages, and provides continuous monitoring for applications that are compatible with the GSS1-AZ architecture, authentication, operating system, database, and access requirements. Many CSPs do not have the staff or knowledge to fully deploy a cloud workload, write security documentation, refactor the application to meet compliance requirements and work with agencies and the PMO to obtain a FedRAMP authorization which leads to wasted time, money, and resources both for government sponsors and the ISVs. Project Hosts works with these software vendors and agencies to quickly deploy the application to the cloud and build out and manage the system for the customers which includes acting as the security and compliance team for the application. In addition, Project Hosts works with these software vendors to document security controls, perform compliance reviews, perform disaster recovery, and advises the ISV on how refactor the application to meet FedRAMP requirements. Project Hosts security compliance team also performs monthly vulnerability scanning include ACAS scans, dynamic web app scans and container image scans and documents and tracks these findings in accordance with continuous monitoring requirements. Among other things the Project Hosts team also performs (for each customer deployed within the GSS1-AZ) monthly baseline compliance scanning, configuration management, patch and vulnerability management, malware prevention and intrusion prevention using HBSS software, incident response reporting, analysis, eradication, and recovery as well as all SOC review and analysis of audit logs and responding/investigating alerts for suspicious activity. Project Hosts deploys systems to monitor workloads for availability and performance issues and proactively take action to ensure maximum uptime and availability. Performing these functions on the ISVs’ behalf allows the software vendors to focus on their core business model in delivering a secure, highly functional application to the agency. For CSP customers, Project Hosts also creates their SaaS-level FedRAMP package, helps them throughout the agency authorization process, and manages their 3PAO annual assessments. For agency customers, Project Hosts assists them in the creation of their own SSP, manages annual 3PAO scanning and penetration testing of their dedicated applications, and provides a monthly application-level POA&M. Following is a partial list of applications for which Project Hosts is providing these services over and above the GSS One-Azure platform: 1E (1E Tachyon Platform) Archive360 (Archive2Azure) AvePoint (AvePoint Online Services for US Government) Aztec (Aztec Learning System) Bingli (Bingli) Blue Prism (Blue Prism) BrightWork (BrightWork SharePoint-based Project Management) Cardinal Engineering (ShockIQ) C3 AI (C3 AI Suite) Checkmarx (CxSAST Source Code Scanner) CTERA Networks (CTERA Edge Filer, CTERA Drive, CTERA Portal) Conga (Contract Lifecycle Management, X-Author and Conga Approvals) Creative Veteran Productions (Fed ILMS) Davra (WebEx Legislate, Internet of Things) Distributed Solutions Inc. (AEON) Drupal (Drupal CMS) Ephesoft (Transact) Feith Systems and Software Inc. (RMA iQ™) FlowVU (FlowVU Collaboration) Gimmal (Gimmal Records Management) Idea Entity (RhyBus Platform) Image Trend (Elite, Report Writer (RW), Continuum (CT), Licensure, Slate) Invoke (UiPath Orchestrator and RPA) Ivanti (MDM, Access, Neurons) Kofax (Control Suite, Kofax TotalAgility, Kofax Robotics Process Automation) Lexmark (Managed Print Service, Lexmark Print Management) LMI (ATLAS by LMI) Librestream Technology (Onsight Now) Microsoft (Office, Dynamics, Power BI Server, Project Server, SharePoint, SSRS) NIBS/ OM Group Inc. (ProjNet™) Nintex (K2 Five, Workflow Cloud) Nintex (Nintex Automation GE Platform) Nuance (Dragon Suite, DAX CoPilot) OneSpan (OneSpan Sign) Orbus Software (OrbusINFINITY) Permuta (Defense Ready) Power Settlements Consulting and Software, LLC (PowerCore™) ProSymmetry Quest Software, Inc. (On Demand Solution, Security Guardian, Disaster Recovery for Identities) Relocation Management Worldwide (Virtual Employee Network) Synergist Technology, LLC (AFFIRM Solution for AI Compliance, SAS® VIYA®) UMT360 (SharePoint-based Enterprise Portfolio Management) Veritas (eVault, eDiscovery, Merge1) Wellspring (Accolade Enterprise Innovation Management, Sophia) WillCo Tech (CyberSTAR™) WordPress (WordPress CMS) WordPress As a Service (WPaaS) If an agency would like to use one of these Applications or bring in another GSS One-Azure-compatible Application, Project Hosts will provide application-level artifacts that will help the agency assess the risk of deploying that application in the GSS One-Azure as well as any other documentation or evidence required in order to grant an Authority to Operate (ATO).

ProjectTeam for Government (Construction Project and Program Management)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Proofpoint Targeted Attack Protection

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Proofpoint Email and Information Protection Service

Authorizations

5

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Proofpoint Email Archive

Authorizations

3

Reuse

12

Service Model

Impact Level

Status

FedRAMP Authorized

PTC Cloud Services

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

PTC ServiceMax Federal

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

PTC ServiceMax Federal is delivered as a Software as a Service (SaaS) model using multi-tenant AWS Commercial Cloud deployment for underlying infrastructure. The ServiceMax tool allows customers to manage assets, track field operations, and deploy field technicians. ServiceMax has a core offering that when purchased gives customers access to additional supporting applications. The ServiceMax Core product is listed on the Salesforce Marketplace (AppExchange). If a customer wants to purchase the product, they contact PTC and sign a contract. After signing the contract, PTC provisions a license for the customer through the Salesforce license management tools. Customers manage the configuration and access of the ServiceMax tools once purchased. The ServiceMax package includes the following applications: • ServiceMax Core Application – Application offered through the Salesforce Marketplace. Customers purchase the application which is hosted on Salesforce infrastructure. The Core application allows customers to manage assets and boost productivity for field service activities. The application allows technicians to perform services, dispatch technicians to the field, manage contracts, and fill out forms. This is the only service not hosted in AWS. The databases underlying ServiceMax Core are managed by the customer, hosted in their Salesforce tenant. • Go Mobile Application – The Go Mobile App is a mobile version of the ServiceMax Core. It allows technicians in the field to have access to assets and documentation, as well as schedule appointments. The Go Mobile Application is part of the Core product license purchased by the customer. Go Mobile talks to the Sync Gateway and Notification Service backend, hosted in AWS. • Go Console Application – Go Console is a multi-tenant application hosted in AWS that serves as the customer administrator console for the Go Application. Go Console ensures endpoints are running the correct version of the Go mobile application and pushes configurations. It is deployed on a Kubernetes cluster. There are multiple instances for Go Console. The Go Console is part of the Core product license purchased by the customer. • Notification Services Application – Notification Services is hosted in AWS and serves as a customer administrator backed service to support mobile push notifications. • Configurator Application – Configurator is hosted in AWS and helps customer set up ServiceMax Core. It is an optional tool the customer can use to streamline Salesforce configuration management. • Migrator Application – Migrator is hosted in AWS and is an optional service allowing customers to migrate configurations to the ServiceMax Core application. Once the migration is complete, customers receive an email notification that the task is completed. • Data Guide Application – Data Guide is static content hosted in an AWS S3 bucket. If a field agent has a form that a customer needs to fill out the ServiceMax applications will pull the templates from the S3 bucket.

Bibliovation/Knowvation

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

TRAIN Learning Network

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Qlik Cloud Government

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

S.M.A.R.T. - Federal Editions

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Qualtrics XM Platform

Authorizations

30

Reuse

31

Service Model

Impact Level

Status

FedRAMP Authorized

Qualtrics XM Platform - High

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Qualys Cloud Platform

Authorizations

17

Reuse

287

Service Model

Impact Level

Status

FedRAMP Authorized

Qualys Government Platform

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Qualys Government Platform (QGP) consists of a suite of Information Technology (IT) security and compliance solutions delivered via a SaaS deployment model that leverages a highly scalable multi-tenant cloud infrastructure. The below services are part of the QGP platform - Vulnerability Management, Detection, and Response (VMDR) service enables customers to discover, assess, prioritize, and patch critical vulnerabilities and misconfigurations in near real-time and across your global hybrid-IT landscape all-in-one subscription. Policy Compliance (PC) service provides the ability to run compliance scans and create compliance reports on hosts (IP addresses) that have been added to the Policy Compliance account. File Integrity Monitoring (FIM) service enables monitoring critical files, directories, and registry paths for changes in near real-time, and helps adhere to compliance mandates such as FedRAMP. Container Security (CS) service provides discovery, tracking, and continuously protecting container environments. Addresses vulnerability management for images and containers in their DevOps pipeline and deployments across cloud and on-premises environments. Certificate View (CertView) service provides a comprehensive view of all the SSL/TLS certificates across the enterprise and cloud-hosted assets. CyberSecurity Asset Management (CSAM) service continuously gathers information on all assets, listing systems and hardware details, running services, open ports, installed software and user accounts. Asset discovery and inventory collection is done through a combination of Qualys Sensors, which together can collect comprehensive data from across on-premises or cloud infrastructure as well as remote endpoints. Web Application Scanning (WAS) service enables organisation's to assess, track and remediate web application vulnerabilities to keep their web applications secure. Patch Management (PM) service is used to patch and apply post-patch configuration changes to operating systems, mobile devices, and 3rd-party applications from a large variety of vendors, all from a central dashboard.

Questionmark Government

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

The Questionmark Government service is an online assessment platform providing the ability to author, deliver and report on tests, quizzes, surveys, and exams. Questionmark Government can be used for training, certification, advancement, channel expertise, competency measurement, compliance, and workforce learning. United States Federal, State and Local government agencies and their contractors can safely and securely use our powerful tool for creating, delivering, and reporting on assessments. Questionmark Government is hosted in US-based, FedRAMP-authorized data centers used by US government agencies and their service contractors. Our service is targeted for data up to DoD Impact Level 4. Questionmark Government operates the Software-as-a-Service (SaaS). It includes provisioning and scaling; and maintenance of operating systems and software to ensure sufficient bandwidth and performance, upgrades, and secure backups. Questionmark is widely used by Government, Awarding Bodies, Utilities, Manufacturing and Public Sectors. For more information about Questionmark Government, please see: https://www.questionmark.com/use-cases/government/ **Features** * A government-specific online platform that is FedRAMP authorized and designed to support your special requirements * Comprehensive item banking with easy search functionality * Delivery of assessments via browser, secure browser, mobile devices and paper * Incorporates a robust reporting and analytics suite * Provides a collaborative authoring environment complete with version tracking and roll-back features * Author once then deliver to multiple devices simultaneously * Includes accessibility features such as text sizing and contrast controls * Available in 36 different languages * A secure and robust SaaS provided by a company that is ISO 27001:2022 certified * A scalable, flexible solution that can be rapidly deployed * Robust availability: 99.9%+ uptime **Benefits** * Easily create and deliver certification assessments and advancement exams * Easily create and deliver post-course tests for distance learning * Easily create, deliver, and report on surveys and course evaluations * Provides tracking changes to questions for legal defensibility * Blended delivery allows mobile/onsite workers to take assessments * Provides observational assessments to allow measuring performance on practical tasks * Create valid and reliable assessments to make trustworthy decisions * Author and deliver assessments that document training and understanding for compliance purposes * Improve test validity by running job task analysis surveys * Assess skills of technical staff, engineers, and equipment maintainers

Quzara Cybertorch (SOC-as-a-Service)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Rackspace Government Cloud

Authorizations

6

Reuse

25

Service Model

Impact Level

Status

FedRAMP Authorized

InsightGovCloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Rave Safety Platform

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

American Heart Association Precision Medicine Platform (AHA-PMP)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Rectitude 369 Government Cloud (Formerly GDT)

Authorizations

2

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Red Hat OpenShift Service on AWS (ROSA)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

RegScale FedRAMP High Baseline Security Plan is delivered as PaaS offering using a multi-tenant Public Cloud computing environment. RegScale is a next-generation Governance, Risk and Compliance (GRC) tool on Microsoft Azure, now referred to be Gartner as a Continuous Compliance Automation tool, that is a Software as a Service (SaaS) offering that enables organizations to automate and speed up the process of managing cyber security programs such as FISMA, FedRAMP, CMMC, PCI, HIPAA, NERC/CIP, and many others. RegScale helps organizations to solve their most difficult compliance challenges by allowing customers, based on API integrations, to manage their controls and upload their evidence documentation, perform system assessments, maintain their certifications and authorizations in a single platform (“Single Pane of Glass”), and keep everything updated in near real-time with automation. RegScale ensures that security and privacy-related controls are adequately identified, implemented, and maintained across the System Development Lifecycle (SDLC) for systems, applications, services, processes, and other initiatives. RegScale establishes and maintains customer information assurance capability with the ability to perform Control Validation Testing (CVT) to ensure appropriate controls are operational and risks are managed, prior to the system, application or service being put into production. RegScale is a major application for most large organizations but is not typically considered mission critical. RegScale is a modern cloud-native application that is built to scale using Docker containers which are micro-segmented and orchestrated using Microsoft Azure services. It is designed to be hosted in any environment and configuration is done securely at run-time by injecting environmental variables. The application can be downloaded and installed at any time from our Docker Hub Repository to support on-premises deployment. It is secured with unique customer keys, scales in real-time using serverless technologies, and can be deployed anywhere (laptop/desktop, on-premises, Kubernetes, or cloud (we currently support AWS, Azure, and Google). All our SaaS infrastructure resides within Microsoft Azure commercial cloud.

RelativityOne Government

Authorizations

11

Reuse

10

Service Model

Impact Level

Status

FedRAMP Authorized

Relias Platform

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Virtual Employee Network (VEN)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Formed in 2002 for the government to be compliant with the FEAFA (Federal Enterprise Architecture Framework Act), the RMW - Virtual Employee Network (VEN) system utilizes the most advanced relocation technology in the relocation industry. VEN is a modular, flexible, stable, and highly secure system that supports all critical relocation functions and end-to-end PCS (Permanent Change of Station) software from obligation, de-obligation to financial system interfaces. RMW continues to develop technology tools based on anticipated client needs and customer input in addition to changes in legislation (i.e. 2017 tax cuts and jobs act). RMW IT professionals have built intuitive solutions into a fully comprehensive web-based platform. Users have 24/7 access to the system, which is scalable to meet an Agency's information needs. The user friendly PCS Travel Voucher submissions are initiated by the employee via VEN through an automated work flow controlled by the Agency. E-signature documents are digitally signed that complies with the strictest legal regulations and highest level of assurance of a signer's identity. VEN provides greater flexibility, capability, and protection of sensitive employee data than other systems. - Fully automates expenses, policy, and suppliers so teams can focus on what is most important, "the Agency's mission". - Fully automates all Federal regulations and laws pertaining to employee relocation. - New appointees, retirees, and transferees can access, enter, and submit PCS expenses, all while the Agency reviews or rejects, approves, certifies, and runs real-time reports. - Real-time information directly from suppliers with work-flows that ensure data integrity for much faster processing of data, documents, vouchers, and invoices, all with complete transparency. - Integration of Agency's specific documents completed by transferees with PIV card (Personal Identity Verification smart card) authentication of a digital signature. - All aspects of the system are digital and accomplished online by Agency staff and relocating employees. VEN assists Agencies on complying with the Paper Reduction Act and Green Initiatives.

Repario Government Solutions (RGS)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Rescale ScaleX Government

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Rescale ScaleX Government is mission-ready secure supercomputing. Rescale's multi-cloud HPC-as-a-Service provides an intuitive, centralized, and automated platform for US government agencies and customers supporting the US government to operate sensitive workloads in the cloud. In addition to complying with FedRAMP requirements, Rescale adheres to critical compliance standards including: • U.S. International Traffic in Arms Regulations (ITAR) • Defense Federal Acquisition Regulation Supplement (DFARS) • Cloud Security Alliance (CSA) • Health Insurance Portability and Accountability Act (HIPAA) • American Institute of CPAs: Service Organization Control (AICPA SOC2) Additional information is available at https://rescale.com/solutions/by-industry/government/ Rescale’s HPC-as-a-Service platform provides automated, on-demand access to a wide variety of the latest hardware architectures to meet any specialized HPC needs (CPUs, GPUs, memory, storage, and networking). An easy-to-use console provides a range of tools to help government agencies balance flexibility, cost savings, and processing speed to set up the right HPC cloud service for their needs. The Rescale platform also provides an on-demand portfolio of leading engineering, scientific, and research applications that are pre-installed, secure, and ready to go. This includes commercial, open source, and government-protected applications. Users can also bring their own software. Rescale ScaleX Government supports a variety of computationally intensive use cases and applications including: • High Performance Computing (HPC) • High-Throughput Computing (HTC) • Artificial Intelligence (AI) • Machine Learning (ML) • Modeling and Simulation • Digital Engineering: Research and Development (R&D) • Computer-Aided Engineering (CAE) • Computational Fluid Dynamics (CFD) • Multi-Disciplinary Design Optimization (MDO) With Rescale, HPC operations are automated on a single pane of glass, making it simple for engineers and scientists to harness the most advanced software, computing, and AI architectures for cutting-edge simulation and mission execution. For IT, the Rescale platform provides a centralized, policy-driven automation to assure security, budgetary controls, and comprehensive visibility into all HPC operations, including sophisticated licensing and cloud usage management. Policy-based financial and architectural dashboards streamline workflows and configuration tasks, ensuring greater productivity and cost-efficiencies. By simplifying the complexity of managing on-premises and multi-cloud HPC, the Rescale ScaleX Government platform helps government agencies tap into dynamic cloud HPC services to accelerate their innovation efforts and support their big compute initiatives.

IRBNet on GovCloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

IRBNet's powerful suite of web-based, Software as a Service (SaaS) research compliance solutions provide electronic submission, collaboration and workflow tools that currently serve thousands of research institutions, compliance boards and sponsors, and hundreds of thousands of users, across IRBNet's National Research Network (commercial) and IRBNet on GovCloud (government). IRBNet research compliance solutions support institutions of any size, and currently serve hospitals and hospital networks, universities and academic research institutions, and federal and state agencies. IRBNet’s secure suite of tools is accessible anywhere, anytime, supporting real-time collaboration between investigators and institutions anywhere in the world, helping to streamline compliance workflow, reduce review and approval cycle times, reduce errors and non-compliance, increase staff efficiency, and improve audit trails and record keeping. IRBNet's tools are fully integrated and configurable, and support all institutional compliance offices, investigators and board members, including: - Institutional Review Boards (IRB) - Institutional Biosafety Committees (IBC) - Institutional Animal Care and Use Committees (IACUC) - Research & Development Committees - Radiation Safety Committees - Scientific Review Committees - Conflict of Interest (COI) and other specialty committees IRBNet provides the following core features to support local Agency mission needs and critical business functions, supporting compliance boards and researchers throughout the entire lifecycle of the research review and compliance process: - Project assembly, documentation and team collaboration - Electronic submissions - Routing, tracking and alerting tools for committee member review - Tracking of committee member comments and pre-reviews prior to meetings - Cross-institutional collaboration and communication tools - Custom Form Wizards to improve guidance and document quality (application forms, etc.) - Tracking of researcher and committee training and credentials - Multi-Site studies - Instant notification of study approval and other key events - Automated continuing review alerts - Quality control and pre-review tools - Agenda and Minutes Builders - Personalized Approval Letter and Correspondence Wizards - Document version control and history - Multi-board workflow management - Audit and oversight functions IRBNet also provides the following optional integration features to meet Agency mission needs: - IRBNet provides an optional connection to the WCG IRB for commercial IRB review services. This service allows Agencies to seamlessly send research studies for commercial IRB approval, and receive back approval documentation such as Approval Letters, while maintaining oversight of the complete research portfolio (both internal and external). - IRBNet provides an optional connection to external training sources, such as Agency training systems or the national CITI program, to pull training information for researchers and committee members so that this information is readily available during compliance and review processes. - IRBNet provides an optional Single Sign-On federated authentication capability for Agency authentication frameworks such as PIV/CAC, to provide seamless access to Agency users. IRBNet on GovCloud is the Government Community Cloud offering of the IRBNet SaaS. IRBNet on GovCloud is hosted in multiple availability zones within the Amazon Web Services (AWS) FedRAMP-authorized GovCloud Infrastructure as a Service / Platform as a Service (IaaS/PaaS). All AWS GovCloud data centers are within the Continental United States (CONUS). IRBNet on GovCloud is managed by Research Dataware LLC., an operating unit of WCG Clinical, Inc. (WCG). WCG is the world’s leading provider of solutions that measurably improve the quality and efficiency of clinical research.

RingMD Telemedicine

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

RSA® ID Plus for Government

Authorizations

1

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Rubrik Security Cloud - Government (RSC-G)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

SailPoint Identity Security Cloud

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Salesforce Government Cloud Plus

Authorizations

69

Reuse

207

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

DoD Cloud Intelligent Enterprise – DD-CIE

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

The SAP NS2 Secure Node SuccessFactors Suite – DOD (SNSFS) is a secure cloud environment that hosts the following suite of SAP cloud solutions: SAP SuccessFactors, SAP Employee Central Payroll, Integrated Business Planning (IBP) and SAP S/4HANA Cloud, private edition (PCE). SAP SuccessFactors is an enterprise human resources and people management SaaS solution. SAP SuccessFactors delivers business results by driving business alignment, optimizing people performance, and building connections within organizations. SAP SuccessFactors provides a comprehensive suite of applications that improve executive insight and decision-making while ensuring the right people with the right skills are doing the right work. SAP SuccessFactors includes: Learning, Performance & Goals, Succession & Development, Compensation, Recruiting, Onboarding, Workforce Planning, Workforce Analytics & Reporting, and Employee Central Payroll. Employee Central Payroll is an industry-based payroll engine that seamlessly integrates into the core HR system. Benefits include: Enhanced Disaster Recovery/High Availability, U.S. Federal and Critical Infrastructure compliance, and NS2 U.S. Persons Operation & Support. The SAP Integrated Business Planning (IBP) offering is a fully integrated solution that provides organizations the ability to make optimal, responsive, and strategic decisions affecting their supply chains. Powered by SAP HANA, this cloud-based solution combines sales and operations planning (S&OP), forecasting and demand planning, response and supply planning, demand-driven replenishment, and inventory optimization. IBP provides automated, tightly coordinated supply chain planning processes, advanced machine learning algorithms, and native integration with SAP Supply Chain Control Tower and other solutions. IBP facilitates increased forecast accuracy, reduced inventories and overall supply chain costs and improved customer service. SAP S/4HANA Private Cloud Edition (PCE) is an enterprise resource planning cloud application that includes support, infrastructure management, and technical managed services within a single SaaS solution. This offering provides a path for an accelerated, integrated, and tailored cloud transformation with a priority on safeguarding critical applications and data. Our solutions include S/4HANA, SAP ERP, BW on HANA, BW/4HANA, SAP Landscape Transformation (SLT), Process Orchestration (PO), Data Services, Fiori Hub, Convergent Charging, NetWeaver ABAP, Manufacturing Integration & Intelligence, BusinessObjects, SAP Access Control, SAP IQ Cold Store Cloud, SAP Information Lifecycle Management, Solution Manager, SAP Extended Warehouse Management, BW NetWeaver Java Server, Content Server, Single Sign-On and HANA Enterprise Edition.

SAP NS2 Cloud Intelligent Enterprise

Authorizations

25

Reuse

24

Service Model

Impact Level

Status

FedRAMP Authorized

The SAP NS2 Cloud Intelligent Enterprise (CIE) is a secure cloud environment that hosts the following suite of SAP cloud solutions: SAP SuccessFactors, SAP Employee Central Payroll, SAP Analytics Cloud, SAP Business Technology Platform and SAP S/4HANA Cloud, private edition. Within the CIE cloud environment, government agencies can safely adopt and deploy SAP cloud solutions under our secured, automated cloud model. SAP NS2 offers customers enhanced security, availability, compliance, and support to help deliver a mission-critical edge. Our innovative solutions address critical processes and operations within the cloud that expand across multiple lines of business. Our intelligent suite includes applications for connecting data from disparate sources, operational transactions, HR and people management, analytics, and other key business capabilities. Applications are integration-ready, include both Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) solutions, have embedded intelligence, and offer a consistent and intuitive user interface. SAP SuccessFactors is an enterprise human resources and people management SaaS solution. SAP SuccessFactors delivers business results by driving business alignment, optimizing people performance, and building connections within organizations. SAP SuccessFactors provides a comprehensive suite of applications that improve executive insight and decision-making while ensuring the right people with the right skills are doing the right work. SAP SuccessFactors includes: Learning, Performance & Goals, Succession & Development, Compensation, Recruiting, Onboarding, Workforce Planning, Workforce Analytics & Reporting, and Employee Central Payroll. Employee Central Payroll is an industry-based payroll engine that seamlessly integrates into the core HR system. Benefits include: Enhanced Disaster Recovery/High Availability, U.S. Federal and Critical Infrastructure compliance, and NS2 U.S. Persons Operation & Support. SAP Analytics Cloud (SAC) is a business intelligence platform SaaS solution. SAC connects people, information, and ideas to enable fast and confident decision making. With SAC machine learning and embedded artificial intelligence, one solution allows you to discover, analyze, plan, and predict across all devices. In addition, SAC allows you to make end-to-end decisions with data management and analytics. SAC scales to meet the needs of your organization and diverse users across all decision types (strategic, operational, and tactical). SAP Business Technology Platform (BTP) is a PaaS solution that allows users to extend and personalize their SAP applications or integrate and connect entire landscapes. SAP BTP helps achieve agility, business value, and continuous innovation through integration, data to value, and extensibility. Organizations can implement their goals with the flexibility to build, manage, and deploy new applications. SAP BTP also connects data and business processes within one, integrated platform. SAP BTP is the secure core that integrates and extends the SAP NS2 Cloud portfolio. SAP S/4HANA Private Cloud Edition (PCE) is an enterprise resource planning cloud application that includes support, infrastructure management, and technical managed services within a single SaaS solution. This offering provides a path for an accelerated, integrated, and tailored cloud transformation with a priority on safeguarding critical applications and data. Our solutions include S/4HANA, SAP ERP, BW on HANA, BW/4HANA, SAP Landscape Transformation (SLT), Process Orchestration (PO), Data Services, Fiori Hub, Convergent Charging, NetWeaver ABAP, Manufacturing Integration & Intelligence, BusinessObjects, SAP Access Control, SAP IQ Cold Store Cloud, SAP Information Lifecycle Management, Solution Manager, SAP Extended Warehouse Management, BW NetWeaver Java Server, Content Server, Single Sign-On and HANA Enterprise Edition.

SAS AI and Analytics for Government on FedRAMP

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Saviynt Enterprise Identity Cloud (EIC)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Scale AI Data Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

ScienceLogic Government Cloud

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Gobo Framework (Gobo)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Security Control Cloud Software Platform (SCCP)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

SecurityScorecard Security Ratings

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

SentiLink is delivered as a SaaS offering using a multi-tenant public cloud computing environment. It is available to financial institutions and fintech companies, federal, state, local, and tribal governments, as well as research institutions, federal contractors, and government contractors. SentiLink Corp. is a software-as-a-service financial technology company headquartered in San Francisco, California. It provides fraud detection and prevention services to financial institutions in the United States. Synthetic Fraud Scores SentiLink’s Synthetic Fraud Scores solution helps entities stop hard-to-detect synthetic identities in real-time. The Synthetic Fraud Scores product scores applications from 0 (low risk) to 999 (high risk). Three scores are provided on every identity: a composite score, a first-party synthetic score, and a third-party synthetic score. These scores are defined as follows: First-party synthetic score: the likelihood that the identity is first-party synthetic fraud Third-party synthetic score: the likelihood that the identity is third-party synthetic fraud Abuse score: the likelihood that the identity is associated with synthetic fraud or other related fraud risks ID Theft Scores SentiLink’s ID Theft Scores solution determines the likelihood that someone is using stolen credentials to open an account. The solution provides a score between 0 and 999. The higher the score, the higher the likelihood of ID theft. ID Theft Scores are provided via an application programming interface (API) or a user dashboard, and a single API call can be used for both ID Theft Scores and Synthetic Fraud Scores. First-Party Fraud Flags The First-Party Fraud Flags solution allows customers to determine whether an applicant possesses characteristics indicative of identity-related fraud. The model incorporates geographic and fraud alert data related to applicants and other consumers. Manifest Manifest allows customers to identify duplicate data sets in their data portfolios. Customers provide SentiLink with consumer personally identifiable information (PII), and SentiLink assigns each set of PII a unique ID. Customers send SentiLink consumer PII, such as consumer names, dates of birth, Social Security numbers (SSNs), addresses, phone numbers, and email. SentiLink compares the PII to the established unique IDs to identify matches. Insights The Insights solution is a Know Your Customer (KYC) product designed to satisfy Customer Identification Program (CIP) obligations. Insights allow customers to uncover additional intelligence regarding PII and the risks associated with that PII, which facilitates investigation and remediation. Dashboard The Dashboard facilitates customer analysis of applicant information and SentiLink-licensed associated information to determine whether an applicant’s identity is legitimate. It allows customers to access SentiLink’s proprietary user interface to conduct further analysis and request further information regarding specific applications for fraud detection. eCBSV As part of the electronic Consent Based Social Security Number Verification (eCBSV) subscription, SentiLink submits eCBSV requests on behalf of permitted entities. eCBSV subscription services are provided via API or through a user interface. ID Complete ID Complete is designed to resolve missing or incomplete identity fields, such as dates of birth or SSNs, and suggest alternative information where applicable. Data suggestions are derived from customer data and SentiLink supplied data through SentiLink’s proprietary matching logic. The organization accepts data files from Experian. KYC Watchlist Checks The KYC Watchlist Checks service allows customers to compare applicants to various government sanctions lists including, but not limited to, the Office of Foreign Assets Control (OFAC), Politically Exposed Persons (PEPs), United Nations Security Council, and the US Department of State watchlists. SentiLink Corp.’s (SentiLink’s) technology helps its customers combat fraud, a crime in which fake identities are created and used to defraud financial institutions and government agencies. SentiLink equips users with the tools needed to visualize and prevent fraud in any domain, whether money laundering, contractor fraud, synthetic identities, first-party fraud, or classic third-party stolen identities. The organization offers the solutions below that help banks, lenders, credit unions, financial technology entities, insurance companies, and telecommunication companies prevent fraud.

SentinelOne Singularity Platform High

Authorizations

8

Reuse

19

Service Model

Impact Level

Status

FedRAMP Authorized

The SentinelOne Singularity platform is a unified, cloud-delivered security platform that provides customers with automation, endpoint detection and response and security information and event management (SIEM) capabilities integrated with a unified data lake to ingest and centralize structured and unstructured data. SentinelOne leverages advanced machine learning algorithms and behavioral AI to analyze and automatically contextualize endpoint data collected across Windows, macOS, Linux, and Cloud Workloads. Data is contextualized and correlated into our patented Storylines technology, which accelerates triage and reduces mean time to detect/respond. Data is organized into a cohesive threat narrative which allows analysts to easily identify threat-related events as well as pivot and hunt to scope threat tactics, techniques, and impact. This gives our customers the ability to quickly stop ransomware and cyber attacks at machine speed with 1-click automated remediation and rollback of malicious activities and changes. Additionally, SentinelOne offers world-class managed detection and response (MDR), digital forensics and incident response (DFIR), and threat hunting services. Our MDR service not only augments security teams by triaging active or suspicious alerts and mitigating and blocking threats as needed, but also keeps them informed and protected from global advanced persistent threat (APT) campaigns, novel attacker techniques, and emerging trends in cybercrime with included threat hunting services. Customers can also call on SentinelOne’s integrated DFIR team for deeper forensic analysis of an event and assistance with incident response. The following SentinelOne Singularity Platform services are FedRAMP High Authorized: -Cloud Funnel -Cloud Workload Protection (CWP) -Digital Forensics & Incident Response (DFIR) services -Endpoint Detection and Response (EDR) -Endpoint Protection Platform (EPP) -Extended Detection and Response (XDR) -Purple AI Foundations for Public Sector -RemoteOps and RemoteOps Forensics -SentineOne Agent (Windows, macOS, Linux, and cloud-native Kubernetes) -SentinelOne Management Console -Singularity Data Lake -Singularity Marketplace -Singularity Network Discovery -Singularity Operations Center (OpsCenter) -Singularity Threat Intelligence -Singularity Vulnerability Management -Vigilance Managed Detection and Response (MDR) services -WatchTower and WatchTower Pro Threat Hunting services

Government Community Cloud

Authorizations

100

Reuse

235

Service Model

Impact Level

Status

FedRAMP Authorized

Seven Bridges Platform

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

EVGateway Digital Environment (EDE)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Mendix Cloud for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

4

Reuse

17

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

12

Reuse

11

Service Model

Impact Level

Status

FedRAMP Authorized

Skyhigh Security Service Edge (SSE) Government Cloud Services (Cloud Access Security Broker (CASB) & Secure Web Gateway (SWG) for Cloud) (Formerly McAfee MVISION)

Authorizations

11

Reuse

13

Service Model

Impact Level

Status

FedRAMP Authorized

Skyhigh Security Service Edge (SSE) GovCloud, a FedRAMP authorized zero trust, cloud-native security platform, provides federal agencies in the US Government with secure, fast direct-to-internet access to all websites, email, Software-as-a-Service (SaaS) applications, Infrastructure-as-a-Service (IaaS) environments, and Shadow IT, from a single, enforcement point while protecting highly sensitive data and preventing advanced malicious threats. Skyhigh SSE GovCloud converges all security modules to provide real-time data and threat protection against advanced and cloud-enabled threats and safeguard data across all vectors–all managed from a single console. Skyhigh SSE's SaaS-based converged platform includes these modules: * Skyhigh Secure Web Gateway (SWG) for Cloud * Skyhigh Cloud Access Security Broker (CASB) * Remote Browser Isolation (RBI) * Data Loss Prevention (DLP) Skyhigh SSE provides visibility and control of data in the cloud, regardless of where it resides. Its DLP engine provides one centralized management and reporting dashboard, a single security policy framework across all data exfiltration vectors and multi-layered security technologies. Skyhigh SSE GovCloud can help fortify defenses in alignment with the highest standards for cloud security and accelerate adoption of a Zero Trust strategy. Skyhigh Security can help agencies achieve target goals of Executive Order 14028 and other mandates and directives. Skyhigh Secure Web Gateway (SWG) for Cloud - Authorized 01/23/2023 Skyhigh SWG for Cloud protects remote users from accessing malicious or unauthorized websites and cloud applications, prevents zero-day threats from infiltrating and sensitive data from exfiltrating an environment by monitoring inline traffic and serving as a gateway between users, websites, applications, and data. It provides continuous web connectivity with integrated RBI, Gateway Anti-Malware (GAM), CASB (cloud registry), and DLP with 99.999% uptime. Flexible deployment modes allow quick and secure migration of remote users to the cloud, while continuing to use proxy appliances for compliance and legacy protocols with in-sync web policies. Capabilities include: * Intelligent web filtering for secure connection to the cloud and web from anywhere and on any device * Secure web access protection from risky and malicious web sites using Remote Browser isolation (RBI), initiated through a visual stream, to reduce security infections and false positives * Fully integrated DLP for full visibility and control over how data is being accessed or shared in RBI sessions * ML based zero-day and real-time threat protection with built-in GAM and Global Threat Intelligence (GTI) * SSL decryption * Granular data protection policies, sophisticated data classifications, and mature DLP policy engine across all products * AI-powered Regular Expression (RegEx) Generator for complex data classifications * Disabled AI chat history to block the transfer of user data for ChatGPT * Fully customizable web policy code to address unique use cases - Optical Character Recognition (OCR) to scan and extract sensitive data from image files Skyhigh Cloud Access Security Broker (CASB) Skyhigh CASB’s cloud-based, multi-tenant service enables the use of cloud services with appropriate levels of security and governance. Skyhigh CASB discovers all cloud services in use, providing cloud activity monitoring, user risk, data protection, and threat protection. Its corresponding readiness rating allows system and data owners to assess cloud risk. Skyhigh CASB detects anomalous activity that may be a security breach or insider threat, enabling immediate response to potential incidents. Inline deployment modes (forward proxy, reverse proxy and cloud app isolation) enable real-time control over user access to sanctioned and unsanctioned cloud services. API coverage for sanctioned apps provides deep visibility, UEBA, tenant restrictions, collaboration controls, near real-time and on-demand scanning (ODS). Capabilities include: * Granular data protection policies, sophisticated data classifications, and mature DLP policy engine across all products * Visibility and control over sanctioned cloud apps through CASB APIs (over 40 cloud apps supported) * Cloud Registry of over 40,000 SaaS, PaaS, and IaaS cloud services using 75 attributes that comprise the Cloud Trust Rating * AI-powered Regular Expression (RegEx) Generator enabling complex classifications * ODS for cloud services that violate your DLP and malware policies * Optical Character Recognition (OCR) to scan and extract sensitive data from image files * Application and user activity risk monitoring with User and Entity Behavior Analytics (UEBA) and ML Available Products Skyhigh Security Service Edge Secure Web Gateway for Cloud Cloud Access Security Broker Remote Browser Isolation Data Loss Prevention Request a Demo: https://www.skyhighsecurity.com/forms/demo-request-form.html

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

11

Reuse

336

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

29

Reuse

30

Service Model

Impact Level

Status

FedRAMP Authorized

Elevate Intelligent Automation Platform (IAP)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

The Data Cloud on Azure Government

Authorizations

2

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

The Data Cloud on AWS US East/West

Authorizations

3

Reuse

25

Service Model

Impact Level

Status

FedRAMP Authorized

The Data Cloud on AWS GovCloud (High)

Authorizations

2

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Snyk for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Socure for Government (SocureGov)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Socure for Government (SocureGov) is delivered as a SaaS offering using a multi-tenant Public Cloud computing environment. SocureGov is available to, and provides digital identity proofing and fraud prevention capabilities for, customers who want to enable a simple, seamless, and secure verification process for consumers. The platform applies artificial intelligence and machine learning techniques with trusted online/offline data intelligence from physical government-issued documents as well as email, phone, address, IP, device, velocity, date of birth, SSN, and the broader internet to verify identities in real time. It is the only solution that analyzes and correlates every facet of an individual’s digital identity to accurately verify individual identities while simultaneously detecting fraud. The platform is fully compliant with FedRAMP Moderate security controls and has been certified by the Kantara Initiative to meet NIST SP 800-63 Identity Assurance Level 2. SocureGov provides several important capabilities listed below: - Socure Verify uses a triangulated data approach and leverages artificial intelligence and machine learning to verify an identity across 400+ trusted sources, and then correlates thousands of identity data points—online and offline—to resolve to a single best-matched entity. - Sigma Identity Fraud provides high-assurance trust and detects digital identity fraud across the customer lifecycle. - Sigma Synthetic applies the Federal Reserve’s definition of synthetic identity fraud which focuses on “manipulated” and “fabricated” types to support customers in determining the optimal follow-on treatment — without adding unnecessary friction. - Email Risk Score leverages machine learning models and feedback loops to analyze over 56 email fraud predictors, assessing risk throughout the customer lifecycle. - Phone Risk Score leverages adaptive machine learning and continuous feedback data to verify phone number risk and ownership, while ensuring a seamless user experience for legitimate customers. - Address Risk Score establishes address-level risk and its correlation to a holistic identity profile, empowering businesses to deflect identity fraud attacks without adding friction to legitimate customers. - Global Watchlist Screening and Monitoring screens, monitors, and dispositions users in real time against sanctions, enforcement lists, politically exposed persons databases, adverse media information, and custom lists - Digital Intelligence continuously monitors and assesses user interactions, helps detect anomalies, and enhances identity proofing, to provide a secure and trustworthy environment for both organizations and their users. - Predictive Document Verification (DocV) verifies ID, biometrics, PII, barcode, and device and behavior intelligence in a single platform to accurately detect and prevent deepfakes, fake IDs, and stolen and fabricated identities from entering the digital economy, in under 2 seconds. - Image Alert List is a live monitoring service that checks documents to identify individuals who previously attempted a transaction under different identities. - Decision Module provides a seamless method to orchestrate the breadth of Socure’s products, enabling a customer to set risk thresholds and help automate decisions to accept, reject, review, resubmit, or refer individuals in an identity verification flow

ARIS Government Cloud

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Solventum RevCycle Health Services Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Spider Impact for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Spider Impact for Government enables cloud-based performance management for defining, measuring, and reporting agency performance against targets and strategic plans. The system is the Federal Government dedicated environment of Spider Strategies’ Spider Impact software. Spider Impact for Government collects, stores, and displays agency key performance indicators (KPIs), generates executive Briefings, Dashboards, and Reports, and enables data analysis and exploration through its business intelligence reporting engine. Spider Impact for Government Scorecards allow agencies to define KPIs and metrics and align them to the overall agency strategy through objectives, initiatives, and corrective action plans. This permits users to track and evaluate their agency’s performance strategically by comparing KPI performance against targets and goals resulting in Red/Amber/Green assessments. Spider Impact for Government Dashboards and Reports allow agencies to create custom, ad-hoc, or cascading dashboards to track and report performance across teams, projects, strategies, or organizations with dynamically updating data collected and reported via Spider Impact for Government scorecards and datasets. The result is reports and dashboards that provide a common operating picture across an agency, based on timely data and insights from agency leaders. Spider Impact for Government Datasets provides users a business intelligence engine to explore and analyze large amounts of data, allowing users to discover insights, trends, correlations, or anomalies within and across agency datasets. Datasets permits agencies to apply conditional and Boolean logic to sort, filter, or report subsets of data. Spider Impact for Government automates data input to save countless hours of data collection, entry, and quality review resulting in greater efficiency in data gathering, greater speed to reporting, and increased return on investment by allowing organizations to devote user time to data analysis and not data collection. Spider Impact for Government, from Spider Strategies, is an approved Software-as-a-Service (SaaS) Performance Management suite for all Federal Government customers, including the Department of Defense at Impact Level 4 (DoD IL4).

Splunk Cloud Platform for FedRAMP High

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Splunk Cloud Platform for FedRAMP Moderate

Authorizations

18

Reuse

106

Service Model

Impact Level

Status

FedRAMP Authorized

Splunk Observability Cloud for FedRAMP Moderate

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Sprinklr CXM for Government (CXM)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

The Armory is a purpose-built General Support System (GSS) cloud service offering (CSO) that delivers security and compliance services aligned to the FedRAMP High risk categorization baseline. The Armory accelerates the ability for Independent Software Vendors (ISVs) and Enterprises to meet complex regulatory requirements on the Google Cloud Platform (GCP). The Armory delivers and continuously monitors FedRAMP compliant, risk-mitigated cloud solutions to government agencies and their partners through either a hosted or managed delivery model by: • providing full compliance architecture, engineering, documentation and audit support, • reducing the burden to both agencies and SaaS providers, and - expanding the catalog of mission-critical cloud solutions available to agencies. The Armory is built on the FedRAMP authorized Assured Workloads Google Cloud Platform and includes configuration managed Google resources such as VPCs (Virtual Private Clouds), networking components, security controls, identity and access management (IAM) policies, and logging and monitoring mechanisms. The system also provides access to in-boundary tools for automation, configuration management, and account management. Each of these mechanisms has been configured to meet specific regulatory requirements such as International Traffic in Arms Regulations (ITAR), FedRAMP High, and Department of Defense (DoD) Impact Levels 4/5 (IL 4/5). The Armory provides ISVs, Enterprises and Agencies with access to pre-production staging environments and Google “Landing Zones”. These are securely architected environments that enable quick and compliant deployments, and a scalable foundation for their regulated cloud workloads. This secure standardized approach to creating and managing deployments allows government agencies and customers to easily deploy and manage their workloads while maintaining security, governance, and compliance. ISV Partners: Qanapi - As our inaugural ISV Partner, Qanapi’s FIPS-validated API service delivers state-of-the-art encryption and protection at the data level. Designed to safeguard sensitive, industry-regulated, and mission-critical data, Qanapi’s API seamlessly integrates into any software, device, or network. Built on a zero-trust architecture, it ensures robust security across organizations of all sizes, in both the public and commercial sectors. With Qanapi, organizations can achieve the highest level of data protection and compliance, regardless of their environment. Discover more at qanapi.com

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

3

Reuse

88

Service Model

Impact Level

Status

FedRAMP Authorized

Sumo Logic is a cloud-native SaaS log analytics platform helping customers enable application reliability, secure and protect against modern threats, gain insights into cloud infrastructures, and obtain comprehensive visibility across their threat landscape. Sumo Logic provides the following solutions within our FedRAMP Moderate product offering: Cloud Security Incident and Event Management (SIEM) - Full-featured SIEM automates alert triage, correlation, and threat detection at scale to speed investigation and response times while reducing analyst alert fatigue. Community analytics delivers machine learning (ML) predicted true positive Global Confidence scores, along with global threat benchmarking. Cloud Security Monitoring & Analytics - Sumo Logic supports the entire spectrum of security use cases - from centrally logging compliance data to monitoring and securing public and hybrid clouds, to delivering market-leading DevSecOps capabilities. Application Modernization and Observability - Reduce downtime by finding, investigating, and resolving customer-impacting issues faster with real-time alerting and dashboards for all data - logs, metrics, and traces. Infrastructure Monitoring - On-call teams can reduce mean-time-to-resolution (MTTR) by simplifying the work required to validate issues, identify suspects, and quickly remediate. Reduce downtime and solve customer-impacting issues faster with an integrated observability platform for all application data. Compliance Monitoring - Security and configuration analytics provide the data monitoring, dashboards, analyses, and reporting capabilities necessary to achieve rapid, cost-effective continuous compliance readiness for many industry leading cybersecurity frameworks and programs - NIST 800-53, FISMA, FedRAMP, PCI, SOC2, ISO, HIPAA and more. Multi-cloud support - Unify and monitor logs, metrics, and traces from multi-cloud or hybrid cloud environments. Sumo Logic enables real-time visibility into AWS, Azure, and GCP cloud applications and infrastructure. Moreover, 150 apps and native integrations give out-of-the-box visibility into the technologies that power your applications. Service Maps - The Sumo Logic service visualizes all service dependencies to give you insights into end-to-end execution of your mission critical transactions with open standard compatible distributed tracing data. Application and service dashboards break down latency, load, and errors to identify services contributing to application slowdowns Advanced Alert Analytics - Advanced analytics are applied across a unified repository of telemetry data to surface noteworthy insights that guide on-call teams to the root cause.

On-Demand Security Testing Platform

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Open Federal Logistics Information System (OpenFLIS)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

T-Metrics Cloud Contact Center (TCCC)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

T-Metrics' Cloud Omnichannel Contact Center (CCaaS) solution provides Federal agencies with a secure, customizable, highly flexible, low-risk, and scalable option to improve the experiences of interactions with their constituents. Federal agencies looking to modernize their legacy premises-based contact centers now have a choice to migrate at their pace without compromising security. Building on two decades of innovation and security, T-Metrics’ CCaaS solution is the only single omnichannel contact center in the market that meets both the robust FedRAMP security standards for cloud deployments and the security and interoperability demands of the Joint Interoperability Test Command (JITC) certification for premises-based deployments. Through its flexible architecture, the TM-Cloud Omnichannel Contact Center enables agencies to customize cloud deployment models – public cloud (multi-tenant) and/or private cloud (dedicated instance) - to address different constituent requirements. Strategically designed, TM-Cloud Omnichannel Contact Center capitalizes on cloud architecture to integrate an agency's existing staff with existing customer telephony platforms (e.g., Avaya, Cisco, MS Teams, Zoom, etc.), which minimizes migration and project risk. Agencies can choose cloud, on-premises virtual machine, and/or on-premises physical servers to integrate existing voice services to the TM-Cloud Omnichannel Contact Center. This flexibility allows for zero-maintenance for full cloud deployments. Agencies choosing on-premises integration will provision hardware according to their own requirements and procedures. The TM-Cloud Omnichannel Contact Center can be scaled to accommodate current and future contact center resource demands and requirements. The ability to obtain agent subscriptions in small or large quantities enables organizations to quickly scale to levels necessary to handle even the most dynamic volume, especially for emergencies or seasonal demand. The contact center distributed architecture ensures a high-available and high-performance system is deployed in the T-Metrics FedRAMP cloud. Resiliency, scalability, and advanced feature access were traditionally available to only the largest contact centers with significant capital investment. Through the TM-Cloud Omnichannel Contact Center, these advantages are now available to every customer through flexible monthly subscriptions. The cloud-based service offerings provided by the T-Metrics TM-Cloud Omnichannel Contact Center include the following: - Skills-based and Attribute-based Routing - Interactive Voice Response - Microsoft TeamsTM Integration - Digital Channel Communication - Customer & Agent Callbacks - Voice and Screen Recordings - Analytics and Sentiment Analysis - Quality Management - Section 508 compliance (for agents and callers) - Advanced Agent and Supervisory Dashboards - Standard and Custom Reporting - Self Service Administration Portals - Natural language speech recognition - Voicebots and chatbots To learn more about how the T-Metrics CCaaS solution can satisfy your contact center requirements, please visit https://www.tmetrics.com/industries/fedramp.

Total Visibility Anywhere

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

TalaTek intelligent Governance and Risk Integrated Solution (TiGRIS)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Talkdesk CX Cloud™ Government Edition

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

14

Reuse

13

Service Model

Impact Level

Status

FedRAMP Authorized

Tango Reserve is a SaaS workplace solution for managing your use of workspaces. Tango provides this the capability to manage conference rooms, assigned seats, hoteling areas, neighborhoods, and provides operational Analytics for workplace optimization efforts. Functionality includes: Scalable instance Solution delivers a workspace hoteling, conference room, and assetreservation system. Secure authentication End user interface(s) to find available places to work and reserve workstations, conference rooms, and resources like equipment, services, health & wellness, parking, and transportation. Allows employees to set profile preferences, check-in, cancel and modify their reservations at their convenience. Add digital signage like Room Kiosks, Lobby Kiosks, Desk Signs, and ID Screens Wayfinding options to locate colleagues to enhance engagement, teamwork, and productivity. Utilize integrations with existing platforms to rapidly adopt and deploy. Self-service administrative tools and capabilities Ability to set limitless configuration of users and space relationships Analytics: Tango Reserve allows operational data to be revealed to understand how your office and people are working. By measuring your office space and managing your workplace operations this supports the agency mission to make data-driven decisions about your workplace and real estate as well as save tax-payers money. In addition to the solutions listed above, Tango customers can also license the extended services through the Tango Core applications: Tango Space Management software helps organizations plan, forecast and operate from a single solution. Space is space planning software to streamline space allocation, plan moves, analyze floor plans, and test potential scenarios. Key features include, CAD integration, stacking and blocking, planning and forecasting, scenario planning, move management, IoT integrations, and allocation reporting. Tango Transactions is built on a foundation of proven analytic capabilities, innovative data sets, native mapping and mobile-first experiences that are required to win in today’s dynamic corporate real estate environment. Key features include scenario development, pipeline management, budgeting, property analysis, mapping, and budgeting. Tango Platform provides both a single source of truth for all location and asset information. Tango’s Program & Project Management software solution organizes project portfolio and aligns activities across budgets & timelines. Provides a program view of all activities, including new builds, retrofits, remodels, closures, and special projects. Tango Projects is a single, integrated solution to align program budgets, timelines, and development activities across portfolio of projects, to quickly identify exceptions and take corrective action. Tango’s Lease Administration and Lease Accounting software brings together lease financials, accounting, and administration to manage all lease activities including options, expirations, renewals, key clauses, co-tenancy, recurring costs, rent rolls, expense reconciliation, and is built to comply with FASB ACS 842, IFRS 16 and GASB 87. Tango Predictive Analytics solutions provide the necessary intelligence to develop smarter location strategies and make better capital investment decisions by combining advanced AI/ML modeling with data in a scalable geospatial analytics platform. Tango Edge, an extension of the company’s Integrated Workplace Management System solution, provides a fully integrated collaboration workspace and communications hub that enables your partners to access and interact with Tango solutions. Agencies leverage these solutions to manage: Hybrid Work – Manage and measure work from any location including WFH (work from home), the office, other Agencies, or coworking locations. Reduce the Footprint – Measure the actual utilization of space for short duration Workplace Surveys as well as continuous, consistent, and systematic measurement of People, Presence, and Workplace use across the entire portfolio year after year. Agencies can cut their office space by up to 50%, as facilitated for GSA’s 1800F HQ in Washington, DC. Tango Reserve Analytics data analysis provides management the support tool necessary to augment space planning and office space invest/divest decisions. Zero Emission Buildings – Through actual utilization measurement, real estate reduction, and shared desk strategies, Agencies can reduce their office space, and thus reduce their Carbon Footprint by up to 50%

Tanium Cloud for US Government (TC-USG)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Federal GovCloud (FGC) DevSecOps

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Humanify Enterprise - Government (Humanify Enterprise - G)

Authorizations

14

Reuse

13

Service Model

Impact Level

Status

FedRAMP Authorized

TTEC Digital’s Humanify Enterprise for Government (Humanify G) is a secure customer experience VOIP solution, powered by Cisco’s UCCE and UC Enterprise Software. Designed for agencies with up to 80,000 unified communications endpoints and 24,000 knowledge workers or agents, it allows you to scale as needed to meet citizen demand. By applying technologies like journey orchestration, analytics, and AI/automation you can deliver efficient and intuitive constituent services while reducing overall contact center costs. Key Features Experience Cloud integrates with Humanify Enterprise Workforce Optimization SaaS (WFOaaS Quality Assurance / Call Recording / Desktop Screen Recording, Speech Analytics, and Post Call IVR surveys, powered by Verint) to enable departments and agencies to capture citizen and stakeholder feedback after interactions with contact center agents, and then utilize that input to drive coaching and feedback. TTEC Humanify Enterprise - Government platform users can now obtain the unique value of these solutions working together to drive improvements in citizen and stakeholder service. WFOaaS Quality Assurance / Call Recording / Desktop Screen Recording. The Humanify Enterprise Workforce Optimization Software as a Service for Government Community Cloud provides Quality Monitoring (QM), Contact Recording, Text to Speech Analytics. The service records 100% of voice calls and 15% of contact center agent desktop screen recordings for compliance, transaction verification, and legal protection. Data is stored in a FedRAMP encrypted format and available for playback and analysis and for agent performance scoring. Workforce Management (WFM) provides forecasting, multi-skill scheduling, and real-time adherence for contact center agents. Includes features for workflows, intra-day dynamic scheduling, audit trail reporting, and mentoring requests. The speech-enabled Interactive Voice Response (IVR) enhanced by Natural Language Processing and Natural Language Understanding (NLU/NLP) enables seamless self-service capability through the use of Voice Bot and Chat Bot capability. Experience Cloud, powered by Verint Experience Management Experience Cloud, is a SaaS application platform that utilizes the TTEC Humanify Enterprise - G to make delivering exceptional experiences easy. The Experience Cloud gathers omni-channel experience information from citizens, employees, and digital site visitors and helps to prioritize and provide key insights on ways to improve those experiences. Process and analyze direct feedback from multi-channel surveys, unstructured text data from open-ends and other comment streams, and behavior data from web interactions Automate and speed decision-making with our proprietary Predictive Engine paired with Verint Professional Services guidance Operationalize across all functions with real-time triggers and alerts; custom dashboards for executives, service center managers, and contact center managers and agents; and case management tools for follow-ups when appropriate with a citizen or other key stakeholders Experience Cloud consists of multiple solutions that work either singly or together to capture, analyze, and act on citizen and stakeholder feedback. These solutions include: Predictive Experience allows organizations to measure citizen experiences across channels, prioritize resources effectively, accurately benchmark performance, and bring certainty to their experience programs with proven predictive data science and AI-powered technologies. Digital Experience captures real-time citizen-initiated feedback via web and mobile channels throughout the digital citizen journey, empowering organizations to make smarter, faster decisions to improve experiences. Enterprise Experience enables organizations to engage citizens and employees to understand, analyze, and orchestrate improved experiences, satisfaction, and trust across multiple channels. Text Analytics provides the ability to analyze text information from any text stream, including surveys, comment posts, and others, and to extract key insights found in those text comments around the topics, keywords, and the related sentiment expressed in those comments Unified Experience enables Federal departments and agencies to capture feedback across virtually any channel, combine those feedback channels (and a wide variety of external data sources to enrich the data, correlate the information from disparate sources to create customized data models, and then use those data models to drive collaboration and closed-loop action on the data. Humanify Portal provides easy access to your contact center and unified communications administrative and management tools from a single interface. It increases the flexibility of the platform. It allows end-user administrators to perform Move, Add, Change, and Delete (MACD) activities for phones, personnel, locations, skill groups, agent teams, and many other system elements. It also allows administrators to change routing rules, IVR prompts, call queues, and contact flows. You can also increase the agility of managing your contact center operations with Humanify Portal Mobile, a 100% web-based application for on-the-move access. (508 Compliant) Integration with Contact Center Solutions (Cisco, Genesys, and Amazon Connect) Availability and Support High availability/disaster recovery deployed across two data centers for full failover in the event of an outage 24x7x365 support with one of the largest pools of Cisco-certified engineers anywhere TTEC Digital delivers automated training programs and knowledge systems that enable CX delivery across every channel

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Tenable Cloud Security for US Government - Ermetic

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Tenable Government Solutions

Authorizations

20

Reuse

99

Service Model

Impact Level

Status

FedRAMP Authorized

VantageCloud Lake

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Administrative Data Research Facility (ADRF)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

ThreatConnect For Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Totara Talent Development Government Cloud Platform

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

TruValidate Identity Verification

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

TRAPWIRE Threat Detection and Analysis System

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

TRAPWIRE is a software platform for detecting and alerting on threats against your assets and personnel in real-time. It provides a comprehensive suite of tools all synchronized and accessible in one centralized, highly secure and encrypted platform, including: - Incident reporting - Pattern analysis - Threat detection - Originator-controlled information sharing - Mass warning and notification - Cross-organizational collaboration The TrapWire Threat Detection and Analysis System is a web-based software-as-a-service offering that provides secure web access to a suite of incident reporting, analytical, and information sharing tools. It bridges disparate agencies into a network of security-focused organizations, where each Agency owns its data and determines what other organizations its users may collaborate with. In addition to secure web access, the following services are available: The TrapWire Mobile App: Enables real-time incident reporting and feedback from the TrapWire Network while in a mobile environment such as VIP or perimeter protection. The TrapWire Community Member (CM) App: Allows organizations to broaden their protection footprint to include the eyes and ears of their communities of interest, empowering them to report suspicious activity in a structured manner through publicly accessible apps branded to each organization’s needs. The TrapWire API: Provides for integration between a TrapWire System deployment and legacy or other enterprise systems, enabling a system-of-systems approach to data integration. The TRAPWIRE Threat Detection and Analysis System brings security organizations into a protection network that detects and alerts on mutual threats spanning time and geography, allowing users to break down stovepipes and interdict threats before they materialize into successful criminal or terrorist acts. The network encapsulates thousands of protected facilities and personnel spanning Federal, State, and Local Law Enforcement; Anti-Terrorism/Force Protection personnel; private/commercial security organizations; and community protection programs. Bringing all sectors together with modern technology and expert analytical support services, while maintaining ""originator control"" principles for each owner's data, empowers a tangible force multiplier effect.

Trellix GovCloud Security Platform

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Trellix GovCloud Security Platform (formerly known as Trellix XDR GovCloud) is a SaaS offering that is deployed on AWS GovCloud IaaS. The SaaS offering is made up of a suite of solutions developed by Trellix. Trellix GovCloud Security Platform enables customers to centrally manage security for their organization while leveraging real-time monitoring and protection of the environment. Machine learning, artificial intelligence, and behavioral analysis are used to detect and respond to suspicious activity based on comparing observed activity to real-world adversarial attack techniques. - Trellix ePolicy Orchestrator (ePO) is a SaaS-based centralized management console for using Trellix's Endpoint solution with enhanced native security controls without the complexity of on-premises infrastructure. The client-side component of Trellix ePO provides secure communication between Trellix ePO and managed products. In addition to downloading and enforcing policies, Trellix Agent performs client-side tasks such as deploying and updating endpoint products. In order to manage an endpoint with Trellix ePO, Trellix Agent must be installed on each system in your network. As an optional deployment method, Trellix also offers the ePO On-prem platform that can be installed on the customer’s premises, as well as in air-gapped environments. - Trellix Endpoint Detection and Response (EDR) provides continuous data collection and advanced analytics that helps you detect suspicious behavior on your endpoints. Using alert ranking and data visualization, you can quickly understand the threat and take immediate action. Trellix ML Protect (formerly known as Trellix Real Protect) is a machine learning cloud which enhances our Endpoints pre-execution machine learning with post-execution to detect dynamic behavior based on machine learning algorithms derived from over a billion sensors and over 30 years of experience. - Trellix Global Threat Intelligence (GTI) is based on activity from millions of sensors world-wide and an extensive research team, Trellix publishes timely, relevant threat activity via GTI. This always-on, cloud-based threat intelligence service enables accurate protection against known and fast-emerging threats by providing threat determination and contextual reputation metrics. GTI integrates directly with our security products, instantly protecting against emerging threats to reduce operational efforts and time between detection and containment. - Trellix Threat Intelligence Exchange (TIE) acts as a reputation broker that combines threat intelligence from imported global sources, such as Trellix Global Threat Intelligence (GTI) and third-party threat information (such as VirusTotal) with intelligence from local sources, including endpoints, gateways, and advanced analysis solutions. Using Trellix Data Exchange Layer (DXL), it instantly shares this collective intelligence across the security ecosystem, allowing security solutions to operate as one to enhance protection throughout the organization. - Trellix Insights is an industry-first proactive security solution that changes the cyber security paradigm with the capability to stop threats before the attack. It provides actionable and preemptive threat intelligence by leveraging Trellix's cutting-edge threat research, augmented with sophisticated AI applied to real-time threat telemetry streamed from over 1 billion sensors. This global insight is applied to assess an organization's environment and its security posture to predict and prioritize actions for the Security Operations Team. - Trellix Helix Connect integrates data from security tools (Trellix native controls and 490+ third parties) to tell you the complete story of an attack. Data is ingested from multiple sources, then correlated by pre-built analytics and rules to create multi-vector, multi-vendor detections.Trellix GovCloud Security Platform (formerly known as Trellix XDR GovCloud) is a SaaS offering that is deployed on AWS GovCloud IaaS. The SaaS offering is made up of a suite of solutions developed by Trellix. Trellix GovCloud Security Platform enables customers to centrally manage security for their organization while leveraging real-time monitoring and protection of the environment. Machine learning, artificial intelligence, and behavioral analysis are used to detect and respond to suspicious activity based on comparing observed activity to real-world adversarial attack techniques.

Trellix Email Security GovCloud

Authorizations

8

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

The Trellix ESC GovCloud is a SaaS offering that provides advanced protections against modern sophisticated email attacks. ESC GovCloud consolidates advanced threat prevention with traditional Email Anti-Spam and Anti-Virus security to optimize spending, reduce false positives, and enable operational efficiencies through consolidation. ESC GovCloud can be deployed in line to analyze emails and quarantine threats for active protection, or as a passive monitor for 'bcc' type review of each email. With no hardware or software to install, the ESC GovCloud is a particularly good fit for organizations seeking to move their infrastructure into the cloud. This eliminates the complexity of procuring, installing, and managing a physical infrastructure. ESC GovCloud provides organizations several unique capabilities, such as: - Identifying previous targets of spear-phishing, impersonation, virus and spam emails - Locating copies of the malicious email in target inboxes - Finding out if the message is being forwarded to new targets - Detection of advanced malicious URL threats - The ESC Portal shows region- and industry-based malware trends, has customizable security policies, RBAC, and audit logging. Organizations face an ever-increasing number of threats from email-based spam, viruses, and advanced threats. ESC GovCloud uses the signature-less Trellix Multi-vector Virtual Execution™ (MVX) engine to analyze every attachment and URL within emails to detect threats and stop advanced attacks in real-time. Today's advanced attacks use email as a primary delivery mechanism for malicious content. While some attacks use an attachment with embedded malicious code, it is common for cybercriminals to use a malicious link thereby blending attack tactics in the hopes of bypassing today's traditional defense silos. ESC GovCloud uses the cloud-based MVX engine to detonate email attachments against a cross-matrix of operating systems and applications, including multiple Web browsers and plug-ins like Adobe Reader and Flash. To block spear-phishing emails, ESC GovCloud analyzes every attachment using the MVX engine to accurately identify today's advanced attacks. ESC GovCloud includes anti-virus and anti-spam engines and may also be paired with an organization's existing anti-virus and anti-spam email gateways.

Trello Enterprise Cloud

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

AI for Federal Acquisitions (ACQBOT)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Trend Cloud One for Government

Authorizations

1

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Trend Vision One for Government

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Trustwave Fusion

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Network Inventory and Optimization Solution (NiOS®)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Tyler Federal Product Suite

Authorizations

38

Reuse

37

Service Model

Impact Level

Status

FedRAMP Authorized

Tyler Data Platform, powered by Socrata

Authorizations

10

Reuse

9

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

UberEther Advantage The UberEther Advantage platform offers a highly secure and easy-to-deploy boundary platform with FedRAMP High and DoD IL5 authorizations based on NIST 800-53 Revision 5 security control requirements. The platform includes two main solutions within the authorization boundary: • ATO Advantage: An empty boundary platform designed to accelerate FedRAMP and DoD authorization for agency solutions and third-party software products. • IAM Advantage: A comprehensive identity and access management (IAM) solution equipped with pre-installed, configured, and optimized IAM tools. ATO Advantage ATO Advantage provides a Platform as a Service approach to satisfy over 355 of the required 425+ technical controls out-of-the-box, which are then inherited by third-party applications when deployed on the platform. This includes the preparation of required documentation and artifacts such as the System Security Plan (SSP) and automated POA&M reports. The platform can help agencies and software vendors deliver their solutions securely at the speed of need. IAM Advantage IAM Advantage delivers an end-to-end identity management solution integrating leading identity and access management products. This includes support for seamless single sign-on (SSO), multiple NIST 800-63 multi-factor authentication options, privileged user management, and separation of duties enforcement. The platform ensures compliance with Continuous Diagnostics and Mitigation (CDM) and EO 14028 requirements. Services: • AppGate Software Defined Perimeter • BeyondTrust Endpoint Privilege Management • BeyondTrust Password Safe • CyberArk Central Policy Manager • CyberArk Digital Vault • CyberArk OnDemand Privileged Manager • CyberArk Password Vault Web Access • CyberArk Privileged Access Management • CyberArk Privileged Session Manager • CyberArk Privileged Threat Analytics • PingAM (formerly ForgeRock Access Management) • PingDS (formerly ForgeRock Directory Services) • PingGateway (formerly ForgeRock Identity Gateway) • Ping IDM (formerly ForgeRock Identity Management) • Nok Nok - Phishing Resistant S3 Authentication Suite • OpenSearch & Dashboards (SIEM & User Behavior Analytics) • Ping Government Identity Cloud • PingAccess • PingAuthorize • PingCentral • PingDirectory • PingFederate • Ping MFA for Government • Radiant Logic RadiantOne Data Management • Sailpoint IdentityIQ (IIQ)

Automation Cloud Public Sector

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Contracting SaaS

Authorizations

8

Reuse

7

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

FedConnect provides US Government Acquisition leaders and Contract Officers a secure, full-lifecycle, auditable approach to interacting with vendors and complying with Paperless Contracting mandates. FedConnect is a Federal acquisition and grants portal where vendors and grant applicants can find opportunities for federal contracts, grants, and other types of assistance funding. It was developed to bridge the gap between government agencies and their vendor and grant applicant/recipient communities in order to streamline the process of doing business with government. Through the FedConnect portal, Federal Government representatives are able to issue opportunity requests and make awards via the internet. Company representatives are able to review opportunities, submit bids or proposals, and receive awards. FedConnect provides an open channel of communication with the government that is both secure and auditable. There are three types of government opportunities facilitated through FedConnect: traditional eRFX issuance, Reverse Auction events, and Financial Assistance opportunities, e.g. grants. For eRFX and Financial Assistance opportunities, FedConnect is offered by subscription fee to Federal Government agencies that are federally regulated. For Reverse Auction only, there is no subscription fee to Federal Government agencies. The bidding and winning vendor company is responsible for payment upon award. On the government side, FedConnect is accessed through a system-to-system interface to the Unison Contracting and Grants software applications, where Government procurement and grant representatives become indirect users of FedConnect. On the Vendor/Applicant side, FedConnect is accessed via the internet with a browser. Anyone can access the FedConnect web site and review public opportunities. However, to receive directed opportunities that are not publicly issued, respond electronically, and receive ongoing communications, a vendor/applicant must be registered. To learn more about FedConnect and its capabilities, please visit the public portion of the FedConnect site.

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

The US AI platform is a managed service comprised of a suite of microapps and microservices built on an AI-powered data lake, zero-trust framework, and hyperscale microservices infrastructure. Using microservices, US AI decomposes complex business components into smaller, autonomous services that are infinitely more scalable. US AI operates under a multi-tenancy model, where customers have the option to leverage the shared tenant to save money or have their own tenant to house their unique data; all while also leveraging the hyperscale community database containing hundreds of millions of valuable, common, and curated records for acquisition, grants, finance, health, and supply chain. A cloud native infrastructure, US AI scales elastically and dynamically, and relies on infrastructure automation and devsecops to optimize the operations and management of the infrastructure. The US AI suite consists of microapps, mobile apps, and microservices that power global business operations through a suite of services: 1. Extreme Innovation Software Factory - Customers may subscribe to (or acquire) the microapps in the US AI app store. Alternatively, customers may host their applications, leverage the native CI/CD pipelines, software libraries, data pipelines, and security controls to launch their applications with speed, quality, and high impact security. Customers may acquire a tenant to run their applications and isolate them from other applications within US AI. Using templates, customers run their applications on their own Kubernetes clusters across multiple high impact clouds such as Amazon Web Services, Google Cloud, and Microsoft Azure. Customers may acquire access to a curated community data lake consisting of over 50 public data sets for acquisition, finance, supply chain, healthcare, insurance, etc. 2. Archangel - Archangel demystifies, automates, and streamlines the cybersecurity lifecycle, from Governance, Risk, and Compliance (GRC) to Continuous Diagnostics and Mitigation (CDM). Cloud Service Providers (CSPs) and security professionals apply AI to eliminate redundancy, digitize workflows, and automate security accreditation by predicting compliance with security controls. Additionally, CSPs and security professionals apply Blockchain, AI, and RPA to continuously monitor device logs and predict vulnerabilities and breaches. Lastly, security, supply chain, and risk management professionals apply AI to predict global security and supply chain risks. 3. Certior – Certior is a highly accessible solution for providing unparalleled traceability, provenance, and auditability to any level of granularity an organization wishes to track to. Certior accomplishes this by letting organizations model and set up tracking for their various products and supply lines through easy-to-use point and click configuration. Without needing developers, you have a great amount of control over what gets tracked when, by whom, and to what level of detail. 4. Evolution - Evolution applies a low-/no-code process configuration designer to empower customers to facilitate, manage, and monitor the movement of individuals entering and leaving any secured locations; requesting services; and receiving services including, but not limited to passport, visas, asylum, healthcare, transportation, etc. 5. Forsight - Forsight is a novel general purpose AI platform that uses unsupervised and supervised machine learning to collect, sanitize, curate, and index both structured and unstructured acquisition, emergency response, finance, grants, health, and supply chain data within a high performing, parallel processing data lake. Forsight facilitates the extraction of crucial business insights and predictions for price optimization, compliance, risk, fraud, etc. Lastly, Forsight connects humans to the AI workflow to train the machine to make better predictions. 6. Gini - Gini applies Blockchain, AI, and RPA to intelligently automate the grants life cycle, institutionalize a standardized pre-award risk framework, and reconcile financial ledgers throughout the grant ecosystem. Grants professionals and recipients use the digital dossier to share data and reduce recipient burden and administrative costs. Gini runs on hyperscale community database that consolidates, curates, and indexes over 100TB of data from 30+ public and private data sources. Gini uses AI to scan millions of records of data including single audits to extract key findings, including but not limited to financial health; procurement, suspension, and debarment; improper cash management; excessive executive pay, eligibility; etc. 7. Illuminate - Illuminate is a collection of emerging technologies that power a state-of-the-art supply chain ecosystem. Contracting professionals leverage intelligent automation to accelerate acquisition, make smarter buys, and ensure compliance. Additionally, contracting professionals leverage AI to automate contract formation, administration, and closeout. Lastly, supply chain leaders use Blockchain and AI to track the provenance of goods and services and “illuminate” areas of inefficiencies. 8. Siqi - Siqi is a collection of emerging technologies that power a state-of-the-art healthcare ecosystem. Siqi uses mobile and micro apps to collect vital personal health information and save transactional information onto a blockchain. Personal digital identity and health records are protected via encryption and self-sovereign identity. Siqi uses AI to predict the presence of disease such as COVID, skin cancer, etc. and provides an immutable digital provenance for contact tracing and disease analysis. 9. Velicus – Velicus applies Blockchain and AI to combat global pandemics by transforming the global emergency response through a coordinated ecosystem. Velicus facilitates the global emergency response process to pandemics like COVID-19, Ebola, SARS, MERS, etc. Participants in the emergency response value chain can track the geolocation, health, and safety of responders, connecting to their deployment force anywhere in the world. AI is used to match responders to an event based on requirements such as skill, education, mental health, etc.

USDA Digital Infrastructure Services Center

Authorizations

4

Reuse

9

Service Model

Impact Level

Status

FedRAMP Authorized

The USDA's Digital Infrastructure Services Center (DISC) is a federally-owned Cloud Service Provider for systems that are owned by Federal, State, and Local governments. The USDA DISC offers both IaaS and PaaS services to its customers on Midrange and Mainframe infrastructure, with a variety of operating system platforms and database options to choose from in a fully virtualized hosting environment. Network services are provided for both IaaS and PaaS environments, and offer robust, secure and highly redundant connectivity to the USDA WAN and the Internet. Additional information about these services is available here (http://www.ocio.usda.gov/about-ocio/data-center-operations-dco). The USDA DISC Service Catalog is available here (http://www.ocio.usda.gov/document/nitc-service-catalog) The USDA DISC Infrastructure as a Service (IaaS) offering provides a virtual machine infrastructure which allows customers the option to maintain control of their operating and general support systems at the system level. Network, Facility and Operational Support Services are included with all IaaS offerings. Security monitoring and defense in depth for all IaaS servers is provided via periodic vulnerability scanning with best-in-class software. IaaS customers receive the benefit of fully managed standardized hardware, advanced server virtualization, strict standards, security and economies of scale from DISC. The USDA DISC's Platform as a Service (PaaS) offerings build upon IaaS offerings and enable customers to select from secure, standardized Operating System images that are configured to meet actual processing requirements. The PaaS service offering provides fully managed Operating Systems that are maintained by USDA DISC. These hardened and virtualized operating systems leverage advanced server virtualization technologies, compliant security and build standards, and economies of scale. The PaaS offering enables rapid delivery of cost-effective, fully-managed operating platforms offering expanded controls to securely host customer's mission critical applications. This USDA DISC PaaS offering is currently available for multiple operating systems, including: RedHat Linux, Microsoft Windows, Oracle Solaris, IBM AIX, and zOS. The DISC PaaS Service offering also fully supports many database offerings, including: mySQL, MSSQL, Oracle and DB2. Security services offered by USDA DISC, as part of all standard service offerings, are implemented and monitored through Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) solutions. In addition to the FedRAMP Moderate security control baseline, the USDA DISC has implemented FISMA High security controls for all service offerings and FedRAMP+ DoD Impact Level 4 (IL4) controls within the Midrange PaaS service offering.

AgCloud Managed Platform Services (AMPS)

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Treasury Cloud (TCloud)

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Workplace.gov Community Cloud (WC2)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Unqork for Government

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

USU IT Asset Management

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Valimail Enforce Platform

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Varonis DatAdvantage Cloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Varonis DatAdvantage Cloud is a cloud-hosted data security platform for protecting and governing enterprise data. Varonis DatAdvantage Cloud protects data wherever it lives by reducing unnecessary access, fixing misconfigurations, inventorying and labeling critical data sets, and stopping insider threats. With Varonis DatAdvantage Cloud agencies can meet EO 14028 requirements to establish zero trust by inventorying and protecting their most sensitive data. OMB 22-09 data pillar and identity requirements can be fulfilled automatically with DatAdvantage Cloud's powerful automation suite. DatAdvantage Cloud tracks all user activity around cloud platforms and aggregates these logs in a single source. Varonis’ advanced user and entity behavior analytics helps to identify compromises by understanding anomalous behavior at the file/object level, easily fulfilling OMB 21-31 up to EL-3. Automated dashboards track various Federal regulations (i.e. NIST 800-53) for easy compliance reporting. Varonis DatAdvantage cloud integrates with a wide array of data repositories, SaaS applications, and cloud infrastructure to give customers a holistic view of their data. Varonis can be used to address these important use cases and more: Detecting insider threats and cyberattacks: Varonis DatAdvantage Cloud detects threats to data, including insider threats and external cyberattacks with a live-updating library of pre-built threat models based on attack techniques and vulnerabilities used by real-world adversaries. Limiting the blast radius of an attack: Varonis DatAdvantage Cloud analyzes where there is unnecessary access to data and can eliminate excessive access at scale, drastically reducing the damage from insider threats and cyberattacks. Preventing data exposure: Varonis DatAdvantage Cloud’s DSPM capabilities help teams automatically classify sensitive data, find where information is exposed externally or internally, and helps teams continually prioritize remediation efforts to improve security posture. Fixing misconfigurations: Varonis DatAdvantage Cloud provides SSPM capabilities to analyze and fix misconfigured Software as a Service (SaaS) applications, discover shadow instances, and spot vulnerabilities that could put data at risk. Achieving compliance: Varonis’ vast library of classification policies can discover sensitive data related to GDPR, CCPA, HIPAA, PCI, FTI, CUI, CJIS, Secret, Top Secret and more. The permissions analysis and continual monitoring Varonis provides gives auditors a real-time pulse on compliance and helps customers achieve compliance with NIST 800-53, NIST 800-171, RMF, CMMC, IRS Pub 1075 and more.

Varonis Data Security Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

The Varonis Data Security Platform is a cloud-hosted data security platform for protecting and governing enterprise data. Varonis DSP protects the most used data stores by enforcing least privilege, fixing misconfigurations, inventorying and labeling critical data sets, and stopping insider threats. With the Varonis DSP agencies can meet EO 14028 requirements to establish zero trust by inventorying and protecting their most sensitive data. OMB 22-09 data pillar and identity requirements can be fulfilled automatically with Varonis’ powerful automation suite. The Varonis DSP tracks all user activity around cloud platforms and aggregates these logs in a single source. Varonis’ advanced user and entity behavior analytics helps to identify compromises by understanding anomalous behavior at the file level, easily fulfilling OMB 21-31 up to EL-3. Automated dashboards track various Federal regulations (i.e. NIST 800-53) for easy compliance reporting. Varonis integrates with agencies most used data stores like M365, NAS devices, Unix/Linux, and other cloud collaboration tools to give customers a holistic view of their data. Varonis can be used to address these important use cases and more: Detecting insider threats and cyberattacks: Varonis provides behavior-based threat detection that uses machine learning to alert on abnormal user or device behavior. Additionally, Varonis provides a live-updating library of pre-built threat models based on attack techniques and vulnerabilities used by real-world adversaries. Pinpointing data exposure: Varonis automatically classifies sensitive data, highlights where information is exposed externally or internally, and automatically removes unnecessary access to enforce least privilege. Limiting the blast radius of an attack: Varonis safely automates permissions changes to eliminate unnecessary access and drastically reduces the damage from insider threats and cyberattacks. Tracking Email Abuses : Varonis scans inside of emails/attachments and captures all user email activity while alerting on abuses, tracking spillage, and mapping the exact flow of sensitive data through email platforms. Achieving compliance: Varonis’ vast library of classification rules can discover sensitive data related to GDPR, CCPA, HIPAA, PCI, CUI, FTI, CJIS, Secret, Top Secret and more. The permissions analysis and continual monitoring Varonis provides gives auditors a real-time pulse on compliance and helps customers achieve compliance with NIST 800-53, NIST 800-171, RMF, CMMC, IRS Pub 1075 and more.

Vaultara Flare Services

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

7

Reuse

6

Service Model

Impact Level

Status

FedRAMP Authorized

Veracode Online Security Platform for Government

Authorizations

4

Reuse

45

Service Model

Impact Level

Status

FedRAMP Authorized

Verint Self-Service for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Alta SaaS Protection (ASP)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Veritone Intelligent Digital Evidence Management System (iDEMS) for Government

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Veritone Illuminate Veritone Illuminate is part of the Veritone iDEMS suite. Veritone Illuminate minimizes discovery spend and time for legal teams by transcribing, searching and analyzing audio, video and text-based evidence early in a case to quickly identify, cull-down, and focus on relevant data only. Veritone Illuminate enables law enforcement investigative teams to cost-effectively search, analyze, and explore large amounts of audio, video and text-based evidence. Accelerate early case assessment efforts by automatically making structured and unstructured (audio, video) evidence data searchable by keywords, faces, objects, and more. Cull down evidence data to focus your eDiscovery on relevant content only. Reveal front-end insights that might not have been uncovered in subsequent search efforts with cutting-edge conceptual and structured text analytics supporting text-based files, audio and video. Quickly transcribe audio and video recordings. All transcripts can be downloaded and opened with any word processing application such as Microsoft Word. Minimize storage costs by culling and analyzing large volumes of evidentiary media at scale. Reduce translation costs by leveraging automated machine-based capabilities supporting 70+ languages and dialects. Facilitate downstream review via one-click export into your eDiscovery platform of choice. Veritone Redact Veritone Redact is part of the Veritone iDEMS suite, and empowers judicial and law enforcement agencies to swiftly redact sensitive, personally identifiable or compromising information from audio and video evidence, and share that evidence within existing workflows. With its AI-powered, all-in-one approach, Redact transforms the way agencies comply with public information disclosure requirements by streamlining digital evidence redaction workflows, and in turn, increasing productivity of public safety personnel. Veritone Redact is an equipment-agnostic solution enabling users to simply upload audio and video evidence from a local computer or cloud repository. Packaged as a complete solution, Veritone Redact empowers agency teams to manage their digital evidence redaction workflow in one place with the ability to tag the status of evidence redactions, as well as export fully redacted video and audio files including audit logs detailing edits made to evidence by individual users to support chain of custody requirements. The solution can be integrated with frequently-used hardware providers and is deployable in either commercial cloud or secure government cloud environments that are configured to meet customers Criminal Justice Information Services (CJIS) security requirements. Veritone Track Veritone Track is part of the Veritone iDEMS suite. Veritone Track is a digital forensics tool for law enforcement and public safety agencies. It analyzes videos from separate sources to track persons of interest without using personally identifiable information (PII). It uses re-identification AI technology to detect people and vehicles and track where they appear across other video footage to accelerate video evidence analysis. Inundated with mountains of video evidence, agencies can drastically reduce the number of hours spent reviewing footage to build a timeline of events and a comprehensive narrative around an event or individual. The impact for DOD customers will be large-scale efficiency improvements in investigation processes, evidence review, and significant cost savings. Veritone aiWARE Operating System aiWARE™ for Government is an operating system for artificial intelligence (AI) that turns both private and public media into actionable intelligence. This transformation from data to understanding is achieved through the organized interrogation of content via a robust set of artificial intelligence engines and powerful applications acting in concert. A continuously-evolving environment of advanced applications, core services, developer tools, and cognitive computing - aiWARE offers potent content ingestion, indexing, search, correlation, analytics, sharing, and collaboration capabilities. aiWARE affords unprecedented scalability and computational analysis in a SaaS delivery model. It makes advanced artificial intelligence truly accessible, understandable and beneficial to users of all technical skill levels for simplified organization and analysis of the escalating volumes of audio and video media as well as structured content. The aiWARE ecosystem of best-of-breed cognitive engines in a single platform eliminates the need for agencies and mission owners to select one vendor from the landscape of thousands of engines, which effectively future-proofs technology choices, and ensures timely and common access to the latest AI advances. Veritone Automate Studio Veritone Automate Studio is a low-code / no-code automation solution within Veritone’s aiWARE Enterprise AI platform, Automate Studio helps you to easily deploy AI workflows quickly and efficiently, cutting down your development efforts from months to days to even hours. From creating a workflow to extracting data trapped in a disparate data source to applying different AI models to a particular dataset, Automate Studio helps your development team meet those long manual coding processes in a quick and an efficient manner. The impact for DOD customers is gaining the ability to easily create and deploy AI-based workflows to ingest, index, extract, and export content, transforming that content into actionable intelligence and making that intelligence available to bespoke & legacy applications. Veritone Integrations Veritone’s iDEMS currently ingests and supports data from the following platforms and tools: - Freedom Of Information Act (“FOIA”) providers such as Granicus and Opexus; - Body & dash camera companies: Axon’s Evidence.com, Motorola Solutions, Getac, Reveal, LensLock, 10-8 Video, PatrolEyes, Safe Fleet, WOLFCOM, VeriPic, i-PRO and Trusted Technology Solutions - Device extraction tools: Cellebrite and Graykey (Axiom) - Home security systems: Ring, Arlo and SimpliSafe - Drone manufacturers: DJI, Skydio and BRINC - Video management systems: Milestone and Qognify - Investigations and forensics providers: Nuix Neo Investigations and Exterro Digital Forensics Suite - Gunfire detection systems: SoundThinking, Inc. - Gun crime intelligence: EvidenceIQ’s BallisticIQ - License plate readers: Flock Safety - Secure data link protocol providers: Link 16 - e-discovery platforms: Exterro e-Discovery Suite; Relativity and Nuix Discover - Hyperscaler’s cloud storage platforms: iAWS S3; Azure Storage, Google Storage and IBM

Verizon Managed SD WAN

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Verizon Government Cloud

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Verkada Command Platform

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Digital Health Research Platform

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Virtru Data Security Platform

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Federal Cloud (VFC)

Authorizations

2

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

The VLogicFM® system is designed to provide users with real-time information about facilities that are managed within the system. System Function or Purpose The VLogicFM system provides users with an overview of facilities usage as well as output data from sensors installed within the various facilities (e.g., motion, temperature, and humidity sensors). The VLogicFM system achieves this goal through the use of multiple modules that end-users can access via the VLogicFM Graphic User Interface (GUI). VLogicFM is composed of the following modules. Administration Module The Administration module provides a set of tools and utilities that allow administrators to manage user accounts and credentials, set up locations properties such as Sites, Buildings and Floors, and manage overall Access Control. Reports of background data and a Logbook of the activities in all modules by all users are also included in the Administration module. This module is accessible only by Administrators. As-Builts Module The VLogicFM As Built module provides a secure cloud-based repository of master as-builts CAD drawings, organized by site, building, floor and discipline. It facilitates sharing of drawings with professionals like engineers, construction managers, project managers etc. Stakeholders with access privileges can collaborate my notating ideas and comments right on the drawings for later discussion and decision-making. The As-Builts module also provides for drawings version control management, to keep track of all drawing iterations, and maintain an archive of all past versions. Assets Module The VLogicFM Assets module provides a repository to store an inventory of facility assets. In addition, this module maps these assets to their location on facility floor plan drawings. This allows the user to not only list specific assets but also mark asset locations right on the CAD floor plan drawings—rapid identification of an asset AND its floor plan location simultaneously. The Assets module lets you add asset attributes, documentation, and attach asset pictures. Finally, you can also conduct asset audits using the companion VL Audit Android/iOS app for scanning asset and room bar/QR codes. Capital Asset Inventory (CAI) Module Each VA Medical Center is obligated to periodically submit a Capital Asset Inventory (CAI) report to its VISN office and ultimately to VA Central Office. Part of this VA report includes over 90 specific facility-related CAI space drivers that must be assigned to every space in the facility. The VLogicFM CAI module was custom-made specifically for the VA and includes all of these mandatory CAI space drivers. Users can assign these CAI space drivers to every space in the facility. This allows users to leverage VLogicFM to rapidly generate facility-related CAI reports for use in their periodic CAI submissions. What used to take weeks of manual effort can now be done in minutes. Employee Module The Employee Module manages assignments of employee lists to specific spaces on the CAD floor plan drawings by role/title or name. This module allows a facility to show how different organizations are stacked in the facility and also provides tools for moving employee room assignments across the facility. Fire and Life Safety Module The Fire and Life Safety Module facilitate organized documentation of the Fire Protection system linking riser diagrams, floor plan drawings and any other available documents. Connectivity information and other details required for maintenance of the system can be attached to the components and fixtures, which can be viewed in the context of the floor plan drawing. Datasheets, photographs, notes, etc. can be attached to any component of the system. Locating components like Fire Alarm Control Panel, Smoke Detector, Pressure Gauge, etc. can be done through simple search and report options. Plan Room Module The Plan Room is a virtual library for storing digital facility drawings and related files. The module supports up to 70+ file formats. Customer administrators can set access permissions at the user level. Users can search the documents/drawings using keyword and advanced search options and download the documents for which they have access permissions. Real Property Module The Real Property Module is intended for Tenants, Landlords and Brokers. It enables Facility Managers to keep track of their leased spaces and manage their leases effectively. This module lets users manage lease details such as Lease Type, Lease Property Type, Lease Category, Execution Date, Commencement Date, Expiry Date, Landlord/Tenant name, Lease Area and any other information that needs to be associated with the lease. Scheduling Module The Scheduling module is a robust room and desk booking/reservation system that enables everything from conference room reservations to hot desking bookings for hybrid work environments. Users can search for rooms they want to schedule by capacity, location, and even what amenities are provided in the room (AV equipment, white board, etc.). A check-in system is also deployed to mitigate against users overbooking spaces. Space Module The Space module is at the core of VLogicFM’s space management capabilities. The module pairs a powerful cloud-based MS SQL database with accurate CAD drawings, also stored on the same cloud repository. The combination of these two resources gives users the power to not only locate lists of rooms and room attributes, but also run distribution reports that colorize different rooms by Service Line / Department or other attributes. The Space module also provides the user with a range of reporting options to gauge trends, usable and chargeable areas and cost per square foot. Tracking Module The Tracking module uses IoT-based sensors installed in the facility to render objective occupancy data in real time. This module is currently used by VA users to assess occupancy trends for use cases such as space planning and load balancing / utilization of patient exam rooms between different service lines, clinics and sub-clinics. Utilities Module The Utilities Module facilitates organized documentation of the Utilities Systems linking riser diagrams, floor plan drawings and any other available documents. Connectivity information and other details required for maintenance of the utility system can be linked to the components and fixtures. This allows users to display how parts of these systems are connected to one another in the context of the floor plan drawing. Data sheets, photographs, notes, etc. can be attached to any component of the system to facilitate easy maintenance. Locating components like Flow Control Valve, Smoke Detector, Pressure Gauge, etc. can be done through simple search. Users see lists of components next to these same components blinking on the CAD floor plan drawings. Work Order Module The Work Order module can manage scheduled preventive maintenance activities as well as ad-hoc work request-based service activities. Work orders are generated based on previously defined PM schedules, or other service requests from users. Work orders contain information about a maintenance activity, such as where and how it is to be done, who is supposed to do it, and the supplies needed to complete the task. They keep track of the maintenance activities performed, time taken and cost information that is used to generate reports for planning and analysis.

VMware Government Services (VGS)

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Vyond for Government

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Vyopta Collaboration Intelligence Platform

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Wasabi GovCloud (WGC)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Sophia Knowledge Management System

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

Intelligent Technology Management System (ITMS)

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

1

Reuse

0

Service Model

Impact Level

Status

FedRAMP Authorized

Case Management & Tracking System (CMTS)

Authorizations

5

Reuse

4

Service Model

Impact Level

Status

FedRAMP Authorized

Wiz Moderate for U.S. Government

Authorizations

3

Reuse

21

Service Model

Impact Level

Status

FedRAMP Authorized

TeamMate+ FedRAMP

Authorizations

6

Reuse

5

Service Model

Impact Level

Status

FedRAMP Authorized

Workday Government Cloud (WGC)

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Workiva Platform

Authorizations

12

Reuse

11

Service Model

Impact Level

Status

FedRAMP Authorized

Xerox Managed Print Services for US Government

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

2

Reuse

1

Service Model

Impact Level

Status

FedRAMP Authorized

The AuthentX Cloud provides end-to-end identity, credential and access management to US Federal agencies, quasi-federal agencies, and private organizations that require interoperable identity authentication services with Federal systems and infrastructure. The primary use of AuthentX in the Federal government is to satisfy Homeland Security Presidential Directive #12 (HSPD-12), Federal Identity, Credential and Access Management (FICAM) and related policies, mandates and standards from the Office of Management and Budget (OMB), Department of Homeland Security (DHS), and National Institute of Standards and Technology (NIST) Special Publications (SP). Therefore, the AuthentX Cloud solution offered is aligned with federal mandates and high assurance requirements regarding cybersecurity, multi-factor authentication, Federal interoperability, and secure solutions for consolidation of data centers. The AuthentX Cloud consists of COTS hardware, software, and network components assembled and connected in multiple data centers. Hardware includes the XTec AuthentX XaNode appliances, the XTec AuthentX Secure Appliance (ASA), enrollment and issuance peripherals, the XTec XNode and XTec card readers, and Thales SafeNet Hardware Security Modules (HSM's). The software of the AuthentX system is built entirely from source to produce the AuthentX Linux Operating System (OS), customized embedded Microsoft OS, the AuthentX Enrollment Manager application, as well as other software packages. XTec's AuthentX Cloud also provides Hardware Security Module (HSM) as a Service using Thales Trusted Cyber Technologies' (TCT) flagship Luna T-Series HSM. This cloud-based HSM, known as Luna as a Service, allows customers to generate, store, protect and manage cryptographic keys used to secure sensitive data and critical applications. The Luna T-Series HSM at the core of Luna as a Service is FIPS 140-2, Level 3 certified, and is approved for use in National Security Systems PKI. XTec's AuthentX Cloud Luna as a Service is offered using three (3) models: - Luna as a Service Dedicated HSM provides customers full cryptographic control of the entire HSM. - Luna as a Service Managed HSM provides customers HSM cryptographic capabilities in a scalable, cost-effective model. Administrative tasks such as provisioning, configuring, monitoring, and patching are all performed by U.S.-based Luna as a Service engineers. - Luna as a Service Credential System provides customers a cloud service model of Thales TCT's Luna Credential System (LCS). LCS offers multi-factor authentication by maintaining user credentials in a centralized hardware device that is securely accessible through the cloud service by endpoints in a distributed network. LCS is a multi-purpose, secure credential system ideally suited for an environment in which the endpoints, or users cannot use a traditional authentication token.

Yello Government Recruiting Solution

Authorizations

3

Reuse

2

Service Model

Impact Level

Status

FedRAMP Authorized

Zendesk Customer Support and Help Desk Platform

Authorizations

7

Reuse

142

Service Model

Impact Level

Status

FedRAMP Authorized

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

Zimperium Mobile Endpoint Cyber Security

Authorizations

4

Reuse

3

Service Model

Impact Level

Status

FedRAMP Authorized

ZL Unified Archive (ZL UA)

Authorizations

0

Reuse

0

Service Model

Impact Level

Status

FedRAMP In Process

ZL Unified Archive's massively scalable architecture consolidates managing all unstructured content on one platform. Data can be managed in-place and via archiving, for requirements in records management, FOIA, eDiscovery, compliance, privacy, and information governance, while enabling agencies to extract intelligence for analytics and AI training. ZL Unified Archive (ZL UA) offers a comprehensive electronic records management system designed to centralize and automate records capture, storage, retention, and disposition for all federal agencies. This system is tailored to meet the statutory and regulatory requirements set forth by the Federal Records Act, the National Archives and Records Administration (NARA), and the Code of Federal Regulations (36 CFR Chapter XII, Subchapter B), ensuring compliance across all types of records, including temporary, permanent, and essential documents. The platform enables compliance with all NARA Universal Electronic Records Management (UERM), DoDM 8180.01 guidelines, and DoD 5015.2 classified records handling. Data is stored in an encrypted content and data storage system for retention per the agency's policies for which it is being collected. APIs enable the retrieval of this data for future use. Access to all data is restricted to authorized personnel of each agency. Additionally, data can be exported through a user interface that necessitates authentication through an identity management system approved by each agency. Data is safeguarded by allowing IP addresses and firewalls to be listed at the network level, ensuring it is not accessible to individuals outside the agency's scope. The authorization boundary determines the realm of what is accessible in our platform. Key functionalities of the platform include: - In-place management of data, enabling the extraction of intelligence from documents without creating copies - Defensible deletion and cleanup of files - The capability to channel governed, relevant data into analytics and AI applications - Capture of records from a variety of electronic sources - Manual and automated classification of records - Global search, including sorting by relevance, for eDiscovery, investigations, and FOIA requests - Custom retention periods with time-, event-, and metadata-based triggers -Retention of records by agency-specific and General Retention Schedules - A complete audit log details all actions taken on documents for defensible records management and document deletion - A unified system for records management, compliance, eDiscovery, and FOIA requests, so that actions taken on documents are applied universally

Zoom for Government

Authorizations

49

Reuse

56

Service Model

Impact Level

Status

FedRAMP Authorized

The Zoom for Government Platform is a Zoom product offering for the US Federal, and US Department of Defense communities. The Zoom for Government Platform is an all-in-one collaboration platform that makes connecting easier, more immersive, and more dynamic for people and businesses. Zoom for Government FedRAMP JAB authorized products include: - Zoom Cloud Video Conferencing - a cloud-based collaboration service which includes video, audio, content sharing webinars and collaboration. -Zoom Events - is a versatile platform that allows customers to create a variety of engaging virtual experiences for attendees. Events allow for users to manage their own branded event hub, track ticketing and registration, control user access from one dashboard, and allow networking during Zoom Events. - Zoom Rooms - software-based group video conferencing for conference and huddle rooms that run off-the-shelf hardware including a dedicated MAC or PC, camera, and speaker with an iPad controller. - Zoom Whiteboard - provides customers with a set of easy-to-use tools to collaborate together to capture ideas, processes, and concepts. With features focused on fostering innovation, Zoom Whiteboard makes it simple for hybrid teams to interact in new ways for seamless collaboration. - Workspace Reservation - is a solution that enables customers to reserve flexible workspaces ahead of time or when they arrive at the office. Feature is enabled by the customer admin via the Zoom administrative portal and available workspaces are managed in the Room Management service. - Zoom Mesh - is a native client-based Mesh (eCDN) solution for Zoom Webinars and Events, that allows organizations to better manage how their users receive Webinar and Event media streams. It is all built within the existing Zoom for Government Client, subscribing to Zoom Mesh activates the ability of the Zoom for Government client to allow Mesh through customer designated client for meetings and Webinars. No transport or encryption is changed in the Mesh client communication with the Zoom for Government security boundary. - Continuous Meeting Chat allows meeting participants to communicate before, during, and after a meeting by creating a dedicated group chat in Zoom Team Chat for all meeting participants. When enabled, in-meeting chats will show up in that group chat as they are sent in the meeting, allowing meeting conversations to continue after a meeting ends. Schedule a recurring meeting and have a group chat that follows the group for the entire project, in and out of meetings. - AI Companion for ZfG, Zoom for Government’s generative AI assistant, empowers individuals by helping them be more productive, connect and collaborate with teammates, and improve their skills. AI Companion for ZfG is a set of generative AI features that can be enabled within the Zoom for Government platform. - Zoom Team Chat - send chat messages in public or private channels organized by projects, teams, or topics with the ability to share files, emojis, screenshots, and more. - Zoom Phone - a cloud-based phone system with traditional PBX features, integrated PSTN connectivity, enhanced emergency services, and support for calling from mobile apps, desktop apps, and legacy desk phone devices. - Zoom Contact Center (ZCC) - is an omnichannel contact center that's optimized for video and integrated into the same Zoom experience. Zoom Contact Center brings unified communications together with contact center capabilities. ZCC builds off the FedRAMP Authorized service Zoom Phone. ZCC is administered in the Zoom for Government administrative portal. - Zoom API - provides the ability for developers to easily add Video, Voice and Screen Sharing to your application. Our API is a server-side implementation designed around REST. The Zoom API helps manage the pre-meeting experience such as creating, editing, and deleting resources like users, meetings, and webinars. - The Zoom Meeting SDK - lets you display the familiar Zoom meeting and webinar experience in your app or website. The Meeting SDK interface resembles the Zoom client, except that it lives inside your own app or website. - Zoom Client - a local client that allows users to start/join a meeting, employ in-meeting controls for participants, hosts, and co-hosts, webinar controls, manage participants, share screen controls, chat, establish channels, add contacts, and modify settings. - The Zoom for Chrome PWA - allows customers to use FedRAMP authorized services Chat and Phone- , currently available on the desktop client or mobile app, within the Chrome web browser. - QSS - enables enterprise organizations to identify, troubleshoot, and resolve network and service disruptions in near real time for every user, host, and participant across Zoom Meetings, Webinars, & Phone (all FedRAMP authorized services) within their enterprise subscription. The change introduces a new Webhook API to the boundary to transfer this information over TLS 1.2 to customer owned tooling.

Zscaler Private Access - Government (Zero Trust Networking - VPN Replacement)

Authorizations

26

Reuse

82

Service Model

Impact Level

Status

FedRAMP Authorized

Zscaler Private Access Gov, part of the Zscaler Zero Trust Exchange, enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero-trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZPA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. TIC 3.0 Use Case Examples (Branch Office, Remote Users, and Cloud) Zero-trust VPN alternative: Legacy VPNs fail to deliver the security, visibility, and user experience today's distributed workforce requires. ZPA delivers fast, direct access to private apps by eliminating VPN traffic backhauling which creates latency, resulting in lost productivity. Secure Hybrid Workforce: Users require the ability to move fluidly between their homes, remote locations, branch offices, and headquarters. ZPA enables seamless and secure access to private apps from wherever they need to work, on any device. Local users benefit from an identical experience through an on-prem broker that replicate the policies and controls of the cloud. Third-party Agentless Access: Third-party agencies, contractors, and vendors require secure, direct access to business applications and OT systems from unmanaged devices. ZPA provides secure, direct connectivity from authorized users to named applications without putting third parties on the network. With integrated agentless access, users can access applications from any browser, on any device, without the need to install a client or log into a VPN. VDI alternative: Traditional VDIs are often slow, unresponsive, and introduce significant costs with racks of servers needed in the data center to support remote access needs. ZPA provides secure, direct connectivity to apps over RDP and SSH, enabling a faster, more secure experience for users. With built-in agentless access through the browser employees and third-party users get seamless secure connectivity from any device without complicated desktop provisioning processes. Secure workload-to-workload connectivity: Agencies require fast, secure workload-to-workload connectivity across hybrid and multi-cloud environments. ZPA for Workloads reduces operational complexity and cost by eliminating the need for virtual DMZs and VPN meshes with least-privileged access-based connectivity across clouds. In addition, because workloads are hidden behind ZPA, they are invisible to the internet and impossible to attack. Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.

Zscaler Internet Access - Government (Secure Web Gateway - vTIC) - High

Authorizations

13

Reuse

13

Service Model

Impact Level

Status

FedRAMP Authorized

Zscaler Internet Access Gov, part of the Zscaler Zero Trust Exchange, defines safe, fast internet and SaaS access with the industry's most comprehensive cloud native security service edge (SSE) platform. Zscaler's Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZIA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. Delivered as a scalable SaaS platform from the world's largest security cloud, ZIA eliminates legacy network security solutions to stop advanced attacks and prevent data loss with a comprehensive zero trust TIC 3.0 compliant approach, fully supporting the CISA approved Branch Office, Remote Users, and Cloud use cases with: Best-in-class, consistent security for today's hybrid workforce: When you move security to the cloud, all users, apps, devices, and locations get always-on threat protection based on identity and context. Your security policy goes everywhere your users go. Secure cloud-based telework solution: Migrate to a cloud-first, cloud-secure Trusted Internet Connections (TIC) 3.0 zero-trust architecture that can accelerate cloud migration, enhance user productivity, and improve support for cloud applications. Lightning-fast access with zero infrastructure: Direct-to-cloud architecture ensures a fast, seamless user experience. This eliminates backhauling, improves performance and user experience, and simplifies network administration - with no physical infrastructure, ever. AI-powered protection from the world's largest security cloud: Inline inspection of all internet and SaaS traffic, including SSL decryption, with a suite of AI-powered cloud security services to stop ransomware, phishing, zero-day malware, and advanced attacks based on threat intelligence from 300 trillion daily signals. Simplified management: Using a cloud native security solution infused with AI, streamlined workflows, and business focused policy creation frees up valuable time for your team to focus on strategic goals. Zscaler Internet Access includes a comprehensive suite of AI-powered security and data protection services to help you stop cyberattacks and data loss. As a fully cloud-delivered SaaS solution, you can add new capabilities without any additional hardware or lengthy deployment cycles. The modules available as part of Zscaler Internet Access are: - Cloud Secure Web Gateway (SWG) - Cloud Access Security Broker (CASB) - Cloud Data Loss Prevention (DLP) - Cloud Firewall & IPS - Cloud Sandbox - Digital Experience Monitoring (ZDX) Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.

Zscaler Internet Access - Government (Secure Web Gateway - vTIC)

Authorizations

21

Reuse

36

Service Model

Impact Level

Status

FedRAMP Authorized

Zscaler Internet Access Gov, part of the Zscaler Zero Trust Exchange, defines safe, fast internet and SaaS access with the industry's most comprehensive cloud native security service edge (SSE) platform. Zscaler's Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZIA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. Delivered as a scalable SaaS platform from the world's largest security cloud, ZIA eliminates legacy network security solutions to stop advanced attacks and prevent data loss with a comprehensive zero trust TIC 3.0 compliant approach, fully supporting the CISA approved Branch Office, Remote Users, and Cloud use cases with: Best-in-class, consistent security for today's hybrid workforce: When you move security to the cloud, all users, apps, devices, and locations get always-on threat protection based on identity and context. Your security policy goes everywhere your users go. Secure cloud-based telework solution: Migrate to a cloud-first, cloud-secure Trusted Internet Connections (TIC) 3.0 zero-trust architecture that can accelerate cloud migration, enhance user productivity, and improve support for cloud applications. Lightning-fast access with zero infrastructure: Direct-to-cloud architecture ensures a fast, seamless user experience. This eliminates backhauling, improves performance and user experience, and simplifies network administration - with no physical infrastructure, ever. AI-powered protection from the world's largest security cloud: Inline inspection of all internet and SaaS traffic, including SSL decryption, with a suite of AI-powered cloud security services to stop ransomware, phishing, zero-day malware, and advanced attacks based on threat intelligence from 300 trillion daily signals. Simplified management: Using a cloud native security solution infused with AI, streamlined workflows, and business focused policy creation frees up valuable time for your team to focus on strategic goals. Zscaler Internet Access includes a comprehensive suite of AI-powered security and data protection services to help you stop cyberattacks and data loss. As a fully cloud-delivered SaaS solution, you can add new capabilities without any additional hardware or lengthy deployment cycles. The modules available as part of Zscaler Internet Access are: - Cloud Secure Web Gateway (SWG) - Cloud Access Security Broker (CASB) - Cloud Data Loss Prevention (DLP) - Cloud Firewall & IPS - Cloud Sandbox - Digital Experience Monitoring (ZDX) Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.

Zscaler Private Access - Government (Zero Trust Exchange - VPN Replacement)

Authorizations

14

Reuse

22

Service Model

Impact Level

Status

FedRAMP Authorized

Zscaler Private AccessGov, part of the Zscaler Zero Trust Exchange, enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero-trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. Zero Trust Exchange helps agencies achieve the target goals of the Executive Order 14028 and resulting OMB mandates, CISA guidance and directives. ZPA Gov security products are currently utilized by over 100 federal agencies and federal systems integrators today in Zscaler's US-based FedRAMP Moderate and FedRAMP JAB High approved boundaries in support of the Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connection (TIC) 3.0 use case model for FedRAMP approved Policy Enforcement Point (PEP) capabilities. TIC 3.0 Use Case Examples (Branch Office, Remote Users, and Cloud) Zero-trust VPN alternative: Legacy VPNs fail to deliver the security, visibility, and user experience today's distributed workforce requires. ZPA delivers fast, direct access to private apps by eliminating VPN traffic backhauling which creates latency, resulting in lost productivity. Secure Hybrid Workforce: Users require the ability to move fluidly between their homes, remote locations, branch offices, and headquarters. ZPA enables seamless and secure access to private apps from wherever they need to work, on any device. Local users benefit from an identical experience through an on-prem broker that replicate the policies and controls of the cloud. Third-party Agentless Access: Third-party agencies, contractors, and vendors require secure, direct access to business applications and OT systems from unmanaged devices. ZPA provides secure, direct connectivity from authorized users to named applications without putting third parties on the network. With integrated agentless access, users can access applications from any browser, on any device, without the need to install a client or log into a VPN. VDI alternative: Traditional VDIs are often slow, unresponsive, and introduce significant costs with racks of servers needed in the data center to support remote access needs. ZPA provides secure, direct connectivity to apps over RDP and SSH, enabling a faster, more secure experience for users. With built-in agentless access through the browser employees and third-party users get seamless secure connectivity from any device without complicated desktop provisioning processes. Secure workload-to-workload connectivity: Agencies require fast, secure workload-to-workload connectivity across hybrid and multi-cloud environments. ZPA for Workloads reduces operational complexity and cost by eliminating the need for virtual DMZs and VPN meshes with least-privileged access-based connectivity across clouds. In addition, because workloads are hidden behind ZPA, they are invisible to the internet and impossible to attack. Zscaler will also provide our Zero Trust Exchange services at the FedRAMP Moderate level not only for federal agencies and service integrators, but state, local, education, and critical infrastructure as a fully authorized StateRAMP solution. All Zscaler's FedRAMP platforms are fully managed and supported by US Citizens and meet the ITAR, CJIS, and DFARS requirements and attestations. Zscaler, a Leader in the Gartner Magic Quadrant for Security Service Edge.