14LkY5SUaLA5NAOwQdUcB0g
Never has the imperative to maintain America’s technological edge been more pressing as technology rapidly evolves and our adversaries seek to gain ground. At the heart of America’s might is the Defense Industrial Base (DIB), a coalition of more than 220,000 companies and innovators committed to supporting and strengthening our nation’s defense.
Recognizing the critical importance of these contracting companies, the Department of Defense (DoD) launched the Cybersecurity Maturity Model Certification (CMMC) Program to ensure that the DIB’s technologies and innovations remain secure and resilient against cyber threats. All DoD subcontractors, suppliers, service providers, as well as consultants and advisors, will be impacted by CMMC in one way or another. With tens of thousands needing to meet this requirement within the coming months, the race to compliance is on.
See the chart below for the DoD’s estimates of DIB entities requiring varying assessment levels to achieve CMMC compliance.
For SaaS companies needing to comply with CMMC guidelines, they face a critical business decision about the path forward. The first option is to independently invest significant time, money, and resources into strengthening their security and compliance posture in order to pursue Federal Risk and Authorization Management Program (FedRAMP) authorization, either directly or through FedRAMP Equivalency. The second option is to save on time, costs, and resources by pursuing expedited compliance through a trusted partner like Palantir FedStart.
Pursuing FedRAMP authorization directly is an expensive and resource-intensive process. Companies must often assemble dedicated teams of engineers and compliance experts to strengthen their environments, implement organizational controls and policies, and thoroughly document everything for audit purposes. The process begins with finding a government sponsor, a search that can take six to eight months. If and when a sponsor is secured, companies must implement and maintain several hundred security controls, which apply not only to applications and personnel but also to the underlying architecture. Securing cloud environments is complex and time-consuming, typically taking one to two years and costing over one million dollars in auditing and consulting, outside of additional costs for engineering and cloud expenses.
FedRAMP equivalency, an option offered by DoD in recent years, is essentially the same process as directly pursuing FedRAMP but without a government sponsor. This means that the company itself, rather than its government sponsor, assumes the risk of ensuring the company has met all of the aforementioned requirements and that there are zero vulnerabilities within their system.
Palantir FedStart was designed to simplify the FedRAMP process for SaaS companies. With FedStart, SaaS companies can achieve FedRAMP authorization in about one-third of the time and at a fraction of the cost compared to going it alone. The majority of FedStart partners achieve authorization within four months or less. By deploying their products into Palantir’s already-hardened and authorized environment, partners inherit our robust security posture at the infrastructure level, eliminating more than half the compliance burden.
FedStart also acts as a guide through the complexities of FedRAMP, translating dense compliance requirements into a clear list of roughly 50 actionable tasks focused on application- and organization-level controls. We also provide policy templates to further simplify the process.
A major advantage of FedStart is that partners do not need to secure a government sponsor to prepare for audit or gamble that they’ve met the compliance requirements themselves. By joining the Palantir Federal Cloud Service — Supporting Services package, partners can also rely on FedStart to manage all interactions with the FedRAMP Program Management Office and ensure our partners are listed on the FedRAMP Marketplace.
This streamlined approach enables our partners to achieve FedRAMP authorization — and thereby CMMC compliance — quickly and efficiently, freeing them to focus on pursuing opportunities within the DIB, federal civilian agencies, and commercial markets that demand strong security. FedStart partners are already seeing success selling their applications within the DIB and beyond.
As adversaries increasingly target DoD’s supply chain, fortifying the DIB is critically important. Palantir is proud to be in a position to support SaaS companies in achieving compliance with the necessary security protections quickly and efficiently.
Contact FedStart@Palantir.com to learn how we can help your SaaS company secure its place in the Defense Industrial Base.
Securing America’s Defense Industrial Base was originally published in Palantir Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.
Model: https://huggingface.co/silveroxides/Chroma-GGUF/blob/main/chroma-unlocked-v38-detail-calibrated/chroma-unlocked-v38-detail-calibrated-Q8_0.gguf Workflow: https://huggingface.co/lodestones/Chroma/resolve/main/simple_workflow.json Prompts used: High detail photo showing an abandoned Renaissance painter’s studio…
This post is divided into three parts; they are: • Low-Rank Approximation of Matrices •…
Pandas DataFrames are powerful and versatile data manipulation and analysis tools.
Time series forecasting helps businesses predict future trends based on historical data patterns, whether it’s…
MIT researchers developed SEAL, a framework that lets language models continuously learn new knowledge and…
The versatile cannabis plant could, some scientists think, one day be useful for lunar and…