FedRAMP Government Certified Cloud Providers

Back to Top


Government agencies require secure cloud solutions to achieve mission success. The Federal Risk and Authorization Management Program, or FedRAMP, evaluates the security of cloud providers.


FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Cloud Service Providers (CSPs) that offer low or moderate impact cloud services to federal agencies must meet FedRAMP requirements.

Stages of Compliance for FedRAMP Approved Vendors

Carahsoft offers FedRAMP solutions for three stages of compliance:

  • FedRAMP Authorized: These cloud systems have security packages reflecting the completion of the FedRAMP Security Assessment Framework. A CSP who has achieved this designation is listed on FedRAMP’s Marketplace.
  • FedRAMP In Process: These cloud systems are actively working with the government through the FedRAMP Security Assessment Framework. This designation indicates the documentation to become certified is in progress. An agency is reviewing the documentation with the intent to provide an ATO that meets FedRAMP requirements. A CSP who has achieved this designation is listed on FedRAMP’s Marketplace.
  • FedRAMP Ready: These systems, including both cloud systems and open source builds, are ready to begin the FedRAMP Security Assessment Framework. This compliance indicates that a Third Party Assessment Organization (3PAO) attests to a cloud service’s readiness for the authorization process, and that a Readiness Assessment Report (RAR) has been reviewed and approved by the FedRAMP PMO. This designation is also required for any cloud service to enter the Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO) process.

Discover Carahsoft’s partner marketplace for FedRAMP certified cloud solutions to support your agency.

  • Infrastructure-as-a-Service (9)
  • Platform-as-a-Service (19)
  • Software-as-a-Service (93)
  • DoD Impact Level Offerings (83)

All FedRAMP Vendors

What is FedRAMP Compliance?

The Federal Government’s Cloud First Policy requires all CSP’s to be FedRAMP approved to hold federal data. FedRAMP compliance enables agencies to:

  • Reuse assessments and authorizations to rapidly adopt cloud services
  • Assure confidence in the security of cloud solutions
  • Maintain consistent security certification standards for cloud solutions
  • Preserve transparency between the federal government and CSP’s

How can my organization become FedRAMP certified?

CSPs that hold federal data must meet FedRAMP requirements. The cloud solutions listed above have taken one of three paths to become certified: JABProvisional Authorization (P-ATO), Agency Authorization or FedRAMP Ready Certification.

Government agencies should select a cloud service that is FedRAMP authorized and meets the NIST 800-53 Control Framework. This reduces the impact of security threats for agencies and ensure the solution or service is easily translatable to achieve other security standards.

Carahsoft offers FedRAMP solutions for four different security baselines: High (421 controls), Moderate (325 Controls), Low (125 Controls) and LI SAAS (38 controls).

Education: Learn More About FedRAMP

MK Palmore, Director of the Office of the CISO at Google Cloud, explores the three pillars of any transformation effort.
Clara Conti, Vice President and General Manager for Public Sector in North America for Red Hat, explores how new technologies like containerization, microservices and the service mesh can help Federal agencies attain greater flexibility.
This ebook examines how potential outcomes drive cloud strategies in a post-pandemic world. Featuring insights from government agencies, including: USDA, Commerce, and State; GAO and DHS; DIU and DISA; NGA; and the U.S. Army.

FedRAMP Community Blog Trends

Upcoming FedRAMP Events

Carahsoft August 11, 2022
Carahsoft 11:00 AM ET

Hosted By: MongoDB & Carahsoft
Carahsoft August 24, 2022

FedRAMP Resources

FedRAMP News Today

Carahsoft May 10, 2022

Acquia strengthens position as the only Drupal company to meet U.S. Government security standards.


Carahsoft June 28, 2021

MongoDB Atlas for Government achieves FedRAMP Ready Status. This new offering provides the simplest way to deploy, operate, and scale the database for modern applications, all in a FedRAMP Ready environment that helps customers meet the most demanding data security and privacy standards.