Trellix’s High FedRAMP Efforts Benefit All Customers
By Harold Rivas · April 24, 2023
The United States federal government’s efforts to strengthen cybersecurity reach beyond the scope of protecting U.S. citizens and organizations. The certification process of the Federal Risk and Authorization Management Program (FedRAMP) sets authorization standards of security necessary to protect the federal government’s most sensitive unclassified data in cloud computing environments, including information used by law enforcement, emergency services, and healthcare agencies. The results of Trellix’s commitment to achieving FedRAMP certification not only spotlights our products’ security proficiencies, but also benefits our U.S. public sector customers.
Government Security Levels Organizations Can Follow
FedRAMP categorizes risk associated to a provider’s authorization level – High, Moderate, or Low – based on compliance standards of data security controls, including the way data leaves and comes into an environment. For example, any data going into a SaaS-hosted solution from either a cloud service provider or an independent third party must have the same level of security controls implemented to safeguard all Federal Government data for Confidentiality, Integrity, and Availability.
So, why should any non-government organization concern itself with FedRAMP authorization levels? Trellix’s commitment to FedRAMP provides great compliance value to non-government organizations. Commercial customers will know the provider has already been vetted by the U.S. government as compliant, and as a result, their data will be protected and secure without running their own assessments.
The public sector places a tremendous value on its government compliance standards. For example, the US Food and Drug Administration standards are mirrored by other countries to use for their own compliance models. If it passes the scrutiny of the U.S. government, it likely meets other government standards, too.
Global customers can use FedRAMP’s accreditation standards automatically approving vendors to set their cybersecurity requirements rather than spend significant resources in due diligence. FedRAMP-certified cybersecurity vendors such as Trellix are not fly-by-night companies hyping security designed by amateurs.
Trellix’s FedRAMP Impact Levels
We are pleased our commitment to FedRAMP certification resulted in positive authorization levels for the following Trellix solutions.
- Trellix XDR (GovCloud High) has attained Authority to Operate (ATO) at the High impact level and is in the process of attaining FedRAMP High Authorization from the FedRAMP Program Management Office (PMO).
- Trellix Email Security Cloud is certified at the Moderate level.
- Trellix XDR is certified at the Moderate level.
Trellix’s Commitment to High FedRAMP Levels
FedRAMP’s levels of security controls aren’t static. And the pool of available vendors inside FedRAMP’s High Authorization level is very small. As a result, FedRAMP stimulates security improvements by encouraging vendors like Trellix to commit to achieving the agency’s highest standard. As the U.S. government analyzes its future cybersecurity needs, the pursuit of higher authorization levels also signals future demands for improved security controls.
Trellix will continue to closely work with the FedRAMP and the U.S. government in our commitment to placing more products in the High authorization level. Taking cybersecurity to the next level is a constant need in securing our public sector and government customers from an ever-evolving threat landscape.
May 30, 2023
Trellix Expands AWS Integrations to Provide Greater Data Security to Cloud Infrastructure Customers
May 8, 2023
CRN Recognizes Trellix on its 2023 Women of the Channel and Power 100 Lists
Apr 25, 2023
96% of CISOs Struggle to Get the Support Required to Be Resilient Against Cyber Attacks
Apr 24, 2023
Trellix Launches Comprehensive Endpoint Security Suite
Apr 24, 2023
Trellix Receives FedRAMP High Authorization to Operate for Trellix Extended Detection and Response GovCloud
The latest from our newsroom
The Bug Report – May 2023 Edition
By Mark Bereza · June 7, 2023
April showers bring May flowers, but what do May flowers bring? CVE-2023-28771, CVE-2023-2868, and CVE-2023-24932, apparently.
Normalize Your Environment
By Kyle Wood · June 2, 2023
This blog focuses on the key areas needed to gain a clear and clean view into your environment to more easily identify malicious activity.
Working Together to Invest in People
By Michael Alicea · May 17, 2023
I was honored to participate in a recent RSAC cyber skills panel discussing how the public, private, and non-profit sectors can work together to support the successful implementation of the National Cyber Workforce Strategy.
Get the latest
We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.
Zero spam. Unsubscribe at any time.