FedRAMP Government Certified Cloud Providers

Back to Top


Government agencies require secure cloud solutions to achieve mission success. The Federal Risk and Authorization Management Program, or FedRAMP, evaluates the security of cloud providers.


FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Cloud Service Providers (CSPs) that offer low or moderate impact cloud services to federal agencies must meet FedRAMP requirements.

Stages of Compliance for FedRAMP Approved Vendors

Carahsoft offers FedRAMP cloud service offerings (CSOs) for three stages of compliance:

  • FedRAMP Authorized: These cloud systems have security packages reflecting the completion of the FedRAMP Security Assessment Framework. A CSP who has achieved this designation is listed on FedRAMP’s Marketplace.
  • FedRAMP In Process: These cloud systems are actively working with the government through the FedRAMP Security Assessment Framework. This designation indicates the documentation to become certified is in progress. An agency is reviewing the documentation with the intent to provide an ATO that meets FedRAMP requirements. A CSP who has achieved this designation is listed on FedRAMP’s Marketplace.
  • FedRAMP Ready: These systems, including both cloud systems and open source builds, are ready to begin the FedRAMP Security Assessment Framework. This compliance indicates that a Third Party Assessment Organization (3PAO) attests to a cloud service’s readiness for the authorization process, and that a Readiness Assessment Report (RAR) has been reviewed and approved by the FedRAMP PMO. This designation is also required for any cloud service to enter the Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO) process.

Discover Carahsoft’s partner marketplace for FedRAMP certified cloud solutions to support your agency.

  • All FedRAMP Vendors
  • Infrastructure-as-a-Service
  • Platform-as-a-Service
  • Software-as-a-Service

All FedRAMP Vendors

FedRAMP is the Basis for DOD IL


For the Department of Defense (DoD) to leverage cloud computing service offerings they must follow the DoD Cloud Computing Security Requirements Guide (DoD CC SRG) set by the Defense Information Systems Agency (DISA) and the Federal Risk and Authorization Management Program (FedRAMP) standardized security requirements. Carahsoft can help Defense agencies find DoD authorized Cloud Service Offerings (CSOs).

Carahsoft’s Portfolio of StateRAMP Authorized Solutions


FedRAMP’s success at the Federal level exposed the need for a similar program that could be utilized by state and local agencies. StateRAMP was created to allow state and local government to benefit from FedRAMP’s approach for standardizing cybersecurity requirements for IT solutions.

What is FedRAMP Compliance?


The Federal Government’s Cloud First Policy requires all CSP’s to be FedRAMP approved to hold federal data. FedRAMP compliance enables agencies to:

  • Reuse assessments and authorizations to rapidly adopt cloud services
  • Assure confidence in the security of cloud solutions
  • Maintain consistent security certification standards for cloud solutions
  • Preserve transparency between the federal government and CSP’s

How can my CSO become FedRAMP certified?


To work with the federal government, Cloud Service Providers must be FedRAMP authorized to ensure agencies maintain a high level of data protection. Federal officials look to the FedRAMP marketplace as the most reliable source when securing new cloud solutions. Learn how Carahsoft helps CSPs become FedRAMP authorized and build their federal customer base.

Education: Learn More About FedRAMP

With the right strategy and industry partners, agencies can build robust cloud environments that prioritize security and provide the visibility necessary to manage operations and costs.
Creating a comprehensive cloud infrastructure from best-of-breed products is essential for innovation and modernization
Scott Frohman, Head of Defense Programs at Google Cloud, explains why a thoughtful approach to cloud adoption minimizes the impact on users, strengthens security and boosts innovation.

FedRAMP Community Blog Trends

Upcoming FedRAMP Events

Hosted By: Salesforce & Carahsoft
Carahsoft April 03, 2023
Carahsoft 5:00 PM ET

Hosted By: DocuSign & Carahsoft
Carahsoft April 25, 2023
Carahsoft 2:00 PM ET

FedRAMP Resources

FedRAMP News Today

Carahsoft January 24, 2023

U.S. Government Agencies Now Able to Deliver Software Faster and Improve Security of Releases


Carahsoft May 10, 2022

Acquia strengthens position as the only Drupal company to meet U.S. Government security standards.