CSP-AB Annual Review 2025
In 2025, CSP-AB strengthened its role as a leading voice on cybersecurity policies and standards that empower secure and scalable cloud adoption across the public and private sectors. Our 2025 […]
Paramify becomes the latest member to join the CSP-AB
The CSP-AB is thrilled to announce the addition of stackArmor as its 22nd member. Their ATO Accelerator reduces the time and cost of ATOs by 40% by providing hosted, managed and self-hosted ATO solutions that meet FedRAMP, DOD, GovRAMP and IC requirements for partner agencies and commercial software companies.
stackArmor joins the CSP-AB
The CSP-AB is thrilled to announce the addition of stackArmor as its 22nd member. Their ATO Accelerator reduces the time and cost of ATOs by 40% by providing hosted, managed and self-hosted ATO solutions that meet FedRAMP, DOD, GovRAMP and IC requirements for partner agencies and commercial software companies.
FedHive joins the CSP-AB
The CSP-AB is thrilled to announce the addition of FedHive as its 21st member. FedHIVE is HRTec’s secure, scalable FedRAMP Accelerator providing IaaS/PaaS/SaaS CSO.
Knox joins the CSP-AB
The CSP-AB is thrilled to announce the addition of Knox as its 20th member. Knox Systems, Inc. is a compliance infrastructure platform that helps SaaS vendors accelerate entry into the U.S. federal market.
Palo Alto Networks joins the CSP-AB
The CSP-AB is thrilled to announce the addition of Palo Alto Networks as its 19th member. Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate.
Atlassian joins the CSP-AB
The CSP-AB is thrilled to announce the addition of Atlassian as its 18th member. Atlassian is a global software company helping teams around the world unleash their potential. They build tools that help teams collaborate, build, and create together.
Unleashing Government Efficiency: Why a Fully-Resourced and Modernized Cloud Authorizing Entity is Key
First published on FedScoop, this article explores how investing in FedRAMP is key to modernizing government tech—cutting costs, boosting security, and accelerating cloud adoption across federal agencies.
CSP-AB responds to FedRAMP Boundary Policy RFC-0004
The CSP-AB supports the proposed changes in RFC-0004, praising FedRAMP’s efforts to enhance monitoring, streamline assessments, and improve efficiency. It reaffirms the value of the “do once, use many” model and welcomes continued collaboration to advance federal cloud security.
Wiz joins the CSP-AB
The CSP-AB is thrilled to announce the addition of Wiz as its 17th member. Wiz helps organizations create secure cloud environments that accelerate their businesses. By creating a normalizing layer between cloud environments, the Wiz platform enables organizations to rapidly identify and remove critical risks.
Multi-Association Comments on DFARS Case 2018-D064: Striking the Balance Between Innovation and Compliance
CSP-AB, with industry partners, urges the DoD to revise its proposed DFARS rule, warning it could hinder innovation and overreach. The submission calls for a narrower scope, clearer terms, and protection for commercial and open-source technologies.
Crowdstrike joins the CSP-AB
The CSP-AB is thrilled to announce Crowdstrike as its 16th member. CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise.
SAP NS2 joins the CSP-AB
The CSP-AB is thrilled to announce SAP NS2 as its 15th member. SAP National Security Services, Inc. is an independent, U.S. subsidiary of SAP, a market share leader in enterprise resource management applications, supply chain management applications, procurement applications software, and travel and expense management software.
CSP-AB Advisories for FedRAMP Requests on Key Performance Metrics and Federal Cryptography Standards
In September 2024, FedRAMP proposed updates to cryptography standards and performance metrics, introducing a more flexible, risk-based approach. While welcomed by CSPs, concerns remain around implementation challenges and validation delays ahead of the planned January 2025 rollout.
Axon joins the CSP-AB
The CSP-AB is thrilled to announce the addition of Axon as its 14th member. Axon, a global leader in public safety technology, is renowned for its commitment to enhancing safety and transparency in law enforcement.
Strengthening National Cybersecurity Through Proactive Incident Reporting
The CSP-AB supports CISA’s proposed CIRCIA rules but urges refinements to better focus on critical incidents, avoid redundant reporting, and protect sensitive data—while promoting cooperation over punitive enforcement.
Balancing Security and Innovation in Proposed Regulations for IaaS Providers
The CSP-AB supports security-focused IaaS regulations but urges a more practical approach. It warns against overly broad identity checks, vague ownership definitions, and burdensome AI reporting, calling instead for targeted, collaborative solutions that safeguard both innovation and privacy.
CSP-AB Responds to FAR cases 2021-017 and 2021-019
In February 2024, the CSP-AB responded to FAR Cases 2021-017 and 2021-019, supporting cybersecurity goals but urging use of existing FedRAMP accreditations and regulatory alignment to avoid unnecessary burdens on IT companies.
CSP-AB Responds to OMB’s Updated Guidance on FedRAMP Modernization
The CSP-AB supports OMB’s updated FedRAMP guidance and urges faster, more automated processes to align with modern cloud needs. Its recommendations focus on streamlining authorizations, enhancing monitoring, and fostering secure, scalable cloud adoption.
Oracle joins the CSP-AB
The CSP-AB is thrilled to announce Oracle as its 13th member. Oracle is a global leader in enterprise cloud solutions, offering a complete suite of products designed to modernize businesses and transform operations.
FIPS for the Future – A New Perspective on Cryptographic Standards
CSP-AB and Coalfire’s white paper “FIPS for the Future” calls for modernising the FIPS cryptographic validation process, citing delays, high costs, and outdated methods. It proposes automation, greater transparency, and post-quantum readiness to ensure FIPS remains effective in a rapidly evolving security landscape.
GSA announces FSCAC membership, including CSP-AB Founding Member Google
The GSA has announced the inaugural members of the Federal Secure Cloud Advisory Committee (FSCAC), including Google, a founding member of the CSP-AB. The committee will advise on secure cloud adoption across federal agencies, marking a key step in modernising FedRAMP and enhancing public-private collaboration.
CSP-AB Responds to CISA’s Draft Secure Software Development Attestation Form
CSP-AB urges CISA to align its draft Secure Software Attestation Form with FedRAMP, reduce duplication, and allow flexibility. Our response stresses practicality to ensure strong security without overburdening providers.
Cloud Service Providers – Advisory Board (CSP-AB) Launches as a Trade Association
In March 2023, CSP-AB became a formal trade association to strengthen governance, influence cloud security policy, and foster industry collaboration. Representing leading cloud firms, it supports secure, scalable digital services for governments and users alike.