Name: RMF in the Cloud 2.0
Price: 1500.00 USD
Availability: InStock

Moving to the cloud doesn't remove the need for RMF—it complicates it. This course covers the intersection of DoD RMF and FedRAMP, helping you understand what you are responsible for versus what the Cloud Service Provider (CSP) handles.

Who Should Attend?

Cloud Architects

Engineers designing solutions in AWS/Azure who need to ensure compliance from day one.

ISSOs & ISSEs

Security staff who need to understand "Control Inheritance" and FedRAMP packages.

Migration Leads

PMs responsible for "Lift and Shift" or "Refactor" projects moving to GovCloud.

Mastering the Shared Responsibility Model

The biggest failure point in Cloud RMF is assuming the Vendor handles security. We teach you exactly where the line is drawn.

☁️ SaaS (Software as a Service) Vendor manages most controls

🛠️ PaaS (Platform as a Service) Shared controls

💻 IaaS (Infrastructure as a Service) YOU manage OS & Apps

Course Agenda

FedRAMP & The Marketplace

Understanding the FedRAMP authorization process. How to search the FedRAMP Marketplace for authorized services. The difference between "FedRAMP Ready" and "Authorized".

Inheritance & DoD Overlays

Applying the DoD Cloud Computing Security Requirements Guide (SRG). How to "inherit" controls from AWS/Azure to reduce your workload. Identifying cloud-specific artifacts.

Frequently Asked Questions

Is this course specific to AWS or Azure?

We are "Vendor Agnostic." The principles of FedRAMP and inheritance apply equally whether you are using AWS GovCloud, Azure Government, or Google Public Sector. We use examples from all three.

Do I need to be RMF certified first?

It is highly recommended. This is an advanced strategy course. We assume you already know what a "Security Control" is. If you are new to RMF, we suggest taking the DoD RMF Bootcamp first.

RMF in the Cloud 2.0