Recognized as a premier FedRAMP 3PAO, Fortreum led two successful 3PAO 20x assessments for the InfusionPoints and Meridian cloud platforms.
It’s official: Fortreum has successfully completed FedRAMP 20x assessments for InfusionPoints and Meridian, resulting in both organizations achieving FedRAMP 20x Authorization. This milestone represents a significant leap forward in demonstrating the operational rigor, automation, and real-time security posture of cloud service providers (CSPs) under the new 20x initiative.
What is FedRAMP 20x?
FedRAMP 20x is an innovative pilot program led by the FedRAMP PMO designed to modernize the authorization process through automation, continuous controls validation, and real-time evidence generation. The 20x program is initially being piloted for low impact systems. Unlike traditional FedRAMP authorizations, FedRAMP 20x uses Key Security Indicators (KSI’s) and machine-readable outputs to assess and validate the security capabilities of a cloud service offering. This marks a shift from static documentation to dynamic, real-world validation of cloud environments.
“Securing a 20x authorization is a highly rigorous and demanding process. The CSP must not only detail current system configurations, but also show machine output and language that prove the requirements are in place and ready for continual use to validate the security of the CSP environment,” said David Clevenger, Director of the Public Sector Assurance Team at Fortreum.
This achievement underscores both InfusionPoints’ and Meridian’s commitment to best-in-class cloud security and compliance. It also highlights the practical value and growing industry adoption of the 20x model.
Checkout the new Press Release: Fortreum leads two successful 3PAO 20x assessments
As the premiere FedRAMP Third Party Assessment Organization (3PAO), Fortreum continues to lead the way in evaluating modern, automation-ready security environments that align with both federal mandates and future-ready architectures. In fact, the XRAMP continuous assurance validation process is leading the way in terms of consolidating CSP frameworks such as FedRAMP and other regulatory requirements into a consolidated, continuous workstream.
Having a sound business case is critical to pursuing any business within the US public sector. Whether its traditional FedRAMP, 20x assessments, or multi-framework support, we have you covered. Check out the FedRAMP business case video to learn more.
Fortreum is an independent firm specializing in audit, advisory, and technical testing services, delivering cybersecurity expertise in highly regulated industries. Our mission is to simplify cloud and cybersecurity challenges for our clients. With nearly 25 years of combined experience in both the public and private sectors, Fortreum is dedicated to addressing our customers’ complex cloud and cybersecurity needs.
For more information, visit the Fortreum website or follow the company on LinkedIn at LinkedIn.com/company/fortreum.
Should you have questions about your FedRAMP, XRAMP, cloud and cybersecurity readiness, please reach out to us at Info@fortreum.com or Contact Us at https://fortreum.com/contact/