Cofense Granted FedRAMP Moderate Authorization
Cofense PhishMe is the only FedRAMP Moderate authorized phishing simulation solution available to federal agencies
Cofense, the leading provider of phishing detection and response (PDR) solutions, announced that Cofense PhishMe has achieved a Federal Risk and Authorization Management Program (FedRAMP) Moderate Authorization to Operate (ATO). Cofense’s FedRAMP authorization was sponsored by the U.S. Department of Health and Human Services (HHS) and was also reviewed by the FedRAMP Program Management Office (PMO). The Cofense PhishMe FedRAMP environment is architected on Amazon Web Services (AWS) GovCloud, and is the first FedRAMP Moderate authorized phishing simulation solution.
“Spear phishing continues to be one of the most significant concerns among federal agencies, which are challenged today by the need to protect mission critical information while supporting a growing remote workforce”
FedRAMP was created to assess the security of Cloud Service Providers (CSPs), saving time and money for U.S. government agencies that would otherwise conduct their own assessments. A Moderate-Impact Authorization requires significantly stricter security controls compared to Low-Impact Authorization, including stringent operational requirements to protect personally identifiable information, and the safeguarding of information related to phishing simulations and suspicious messages reported by employees.
Recommended AI News: MicroPort CRM Launches MicroPort Academy CRM
Cofense’s Moderate-Impact Authorization required an independent evaluation of the following:
- Cofense’s implementation of the 325 FedRAMP Moderate NIST SP 800-53 Controls to protect the confidentiality, integrity and availability of customer data
- Cofense’s vulnerability management practices by conducting independent vulnerability scans
- Cofense’s web application security practices by performing independent penetration testing
“Spear phishing continues to be one of the most significant concerns among federal agencies, which are challenged today by the need to protect mission critical information while supporting a growing remote workforce,” said Sylvain Lacroix, Cofense Director, Federal & Defense Contractors Sales. “Cofense PhishMe allows federal agencies to securely and proactively defend against cybersecurity threats spread via email, which is the leading cause of data breaches. Cofense is excited to continue serving the needs of highly regulated industries such as the U.S. Federal Government with our Cofense FedRAMP Moderate offering.”
Recommended AI News: Circonus and Cloudbakers Announce Exclusive Partnership
Cofense solutions deliver protection from malware threats, ransomware campaigns and scams that evade Secure Email Gateways (SEGs) every day and provide federal teams the visibility and tools to stop phishing threats in minutes, not hours. With Cofense PhishMe, federal agencies can transform employees into the last line of active defense through education, ongoing simulations and an easy to use reporting tool so organizations can swiftly detect, respond to and stop phishing attacks in their tracks.
Andrew Ledford, FedRAMP Program Manager, added, “Cofense prioritizes providing the highest level of protection to our customers, which is why we made the commitment to pursue a FedRAMP moderate impact level authorization – anything lower was just not sufficient to meet the needs of our customers. Our network of 25 million users combined with advanced automation is what makes Cofense the strongest phishing detection and response solution on the market today, and we are extremely proud of this milestone. We look forward to maintaining our status as a trusted provider of phishing defense for U.S. government agencies.”
Recommended AI News: Blue Yonder Expands Relationship with HEINEKEN