FedRAMP certification

Cloud Security Provider Ermetic Seeks FedRAMP Authority to Operate Designation

Cloud infrastructure security company Ermetic has launched a certification process under the Federal Risk and Authorization Management Program, a government initiative that standardizes the security assessment and monitoring of cloud products and services with the ultimate aim of promoting the use of such technologies in the public sector. The objective is to achieve an authority to operate designation, the company said.

Ermetic has partnered with FedRAMP engineering and advisory services provider stackArmor for the effort. Headquartered in Tysons Corner, Virginia, stackArmor also provides support for compliance with standards enforced by the National Institute of Standards and Technology and the Department of Defense, and those outlined by the Federal Information Security Modernization Act and the Cybersecurity Maturity Model Certification program.

Ermetic has also appointed Ben McGucken to lead the ATO certification process. An employee since February, McGucken is Ermetic’s regional vice president of sales for the U.S. federal and Latin American markets. Previously, McGucken worked for cloud security provider Bitglass, where he served as associate vice president of sales for the South and Latin American markets. When Bitglass was acquired by software company Forcepoint in October 2021, McGucken took on the role of senior account executive for civilian agencies as well.

His other former employers include cybersecurity companies ExtraHop and Palo Alto Networks and IT service management company Layer 3 Communications.

If the process is successful, Ermetic’s offering will join nearly 300 other products in the FedRAMP marketplace that have already achieved authorization.