FedRAMP designation

Synack Conferred FedRAMP Moderate In Process Designation

Redwood City-headquartered Synack announced it has received Moderate “In Process” status from the Federal Risk and Authorization Management Program. The Moderate designation is widely considered one of the most rigorous security standards on the market with a defined set of 325 security controls for cloud systems, third-party auditing and continuous monitoring to ensure compliance, Synack said Tuesday.

In a statement, the American technology company said the FedRAMP designation underscores its commitment to stringent data security and compliance standards, which is demanded by U.S. government clients and federal government contractors today. The latest designation also cements the company’s position as an industry leader in on-demand security testing and vulnerability disclosure program management, Synack added.

Mark Kuhr, Synack’s CEO and chief technology officer, said the FedRAMP designation will be a powerful accelerant for even more federal customers to benefit from crowdsourced security, which is an essential best practice especially in light of recent vulnerabilities such as Log4j.

Kuhr said that Synack has been protecting U.S. federal civilian and military assets since he co-founded the firm with Jay Kaplan, who like himself, was a cybersecurity expert at the National Security Agency. Since its foundation in 2013, the company has worked with more than 30 federal agencies to quickly identify known and unknown vulnerabilities before attackers can take advantage of them.

The company’s more notable achievements include its participation in the “Hack the Pentagon” program since its inception in 2016 when the Department of Defense invited ethical hackers to test its systems for vulnerabilities. It has also partnered with the Defense Advanced Research Projects Agency on efforts that were not fully disclosed.