CrowdStrike Achieves FedRAMP® JAB High “Ready” Designation

CrowdStrike is proud to announce the CrowdStrike Falcon® platform has achieved FedRAMP® High-Impact Level Ready status from the Joint Authorization Board (JAB), demonstrating our commitment to achieving the highest compliance authorization for the United States federal government and support for both the National Cybersecurity Strategy Implementation Plan (NCSIP) and the Executive Order on Improving the Nation’s Cybersecurity.

We have long focused on developing a holistic, cloud-native and AI-native platform to provide the strongest level of protection for organizations of all sizes, across all industries. This includes the United States federal government’s critical endpoints, workloads and data, which all require strong compliance controls to be met. This builds on our announcement earlier this year, when CrowdStrike was granted an Impact Level 5 Provisional Authorization from the Department of Defense (DoD), giving a range of DoD unclassified national security systems the ability to use the Falcon platform to protect mission-critical data.

This FedRAMP JAB High Ready designation means our platform is a major step closer to gaining FedRAMP JAB High Authorization, a designation that will signify the Falcon platform’s ability to protect the U.S. government’s most sensitive and critical systems, and its respective supply chain.

“We are very excited about this. This signals to the federal government and their critical supply chain that we are investing in their protection,” stated Andrew Harris, CrowdStrike’s Global Public Sector CTO. “We strongly believe trust in vendors is absolutely paramount for our customers, and this is just one of many examples of where we continue to push forward and invest in this area.”

Here, we’ll discuss what this announcement means and the significance of this achievement for the Falcon platform.

The JAB and FedRAMP Authorization Levels

The JAB Program Management Office (PMO) is the governing body for the Federal Risk and Authorization Management Program (FedRAMP), which is a government-wide compliance program to help federal agencies adopt modern cloud services without introducing risk or excessive bureaucratic red tape. It includes representatives from the DoD, Department of Homeland Security (DHS) and General Services Administration (GSA).

The two levels of authorization for FedRAMP are at the agency level and JAB level. JAB authorization, the broader of the two, signifies any federal agency can use the authorized product or service. Agency-level authorization indicates approval only for a specific agency’s use. Each year, the JAB selects approximately 12 cloud products to work with for a Provisional Authority to Operate (P-ATO) at the JAB level.

To achieve FedRAMP authorization at either level, vendors must pass three milestones: Ready, In Process and Authorized.

FedRAMP Security Baselines and CrowdStrike’s Designations

With regard to the baselines, FedRAMP uses the NIST FIPS 199 guidelines to establish authorizations commensurate with the level of impact that may result from an incident affecting the confidentiality, integrity and availability of an organization’s data. These impacts are rated as Low (limited), Moderate (serious adverse) or High (severe or catastrophic).

The FedRAMP High baseline’s security controls are based on NIST SP 800-53, which outlines security and privacy control baselines for the federal government. However, the FedRAMP High baseline also contains controls, parameters and guidance above this NIST baseline to address the unique elements of cloud computing. The FedRAMP High baseline implements 421 security controls, the broadest control set of all baselines, to protect systems that would experience severe or catastrophic adverse effects to the organization’s operations, assets or personnel.

High-impact data is usually in law enforcement and emergency services systems, financial systems, health systems and any other system where loss of confidentiality, integrity or availability could be expected to have a catastrophic effect. These systems account for the government’s most sensitive and unclassified data in cloud computing environments, including data that involves the preservation of life and prevention of financial ruin.

Cloud service offerings authorized for use at the FedRAMP JAB High level are deemed by the JAB to be ready for use by agencies to protect their most critical systems, endpoints and workloads.

In November 2021, CrowdStrike was prioritized by the JAB and currently has over 100 FedRAMP Moderate authorizations at the Agency level. CrowdStrike has now been designated as FedRAMP JAB High Ready, meaning we have invested in the highest level of compliance and are ready to secure the U.S. government’s utmost consequence systems.

CrowdStrike: Delivering the Strongest Cloud-Native Protection

CrowdStrike stands ready to stop breaches of the highest-impact federal information systems with the use of a single, lightweight agent for comprehensive endpoint protection, cloud security posture management, identity protection, asset discovery, vulnerability management and more. The Falcon platform regularly collects and analyzes trillions of endpoint events every day from millions of sensors, deployed across 176 countries, to provide unrivaled protection and meet the strictest federal standards.

Government agencies already trust CrowdStrike to protect critical endpoints and workloads. In 2021, CISA selected CrowdStrike for the best-of-breed EDR capabilities in Falcon Insight XDR, which helps our federal customers discover assets, monitor for cyber risk detections and incidents, and automate event response and remediation. CrowdStrike leverages identity protection, cloud-native application protection, asset discovery and vulnerability enumeration to meet CISA’s Binding Operational Directive 23-01 and helps the federal government protect their most critical systems in support of Strategic Objective 1.5: Modernize Federal Defenses from the NCSIP.

Back in 2018, CrowdStrike received FedRAMP authorization for the CrowdStrike Falcon® on GovCloud solution with an ATO at the Moderate Impact level from the U.S. Department of Commerce’s International Trade Administration.

We are now excited to raise our FedRAMP impact level from Moderate to High in the coming months and formally through the JAB.

The below modules are currently offered at the FedRAMP Moderate Baseline and will be included in the High JAB Baseline:

• Falcon Insight XDR detection and response for endpoint and beyond
• Falcon Prevent next-generation antivirus
• Falcon Firewall Management host firewall
• Falcon Device Control USB security
• Falcon Intelligence automated threat intelligence
• Falcon Cloud Security
• Falcon Discover IT hygiene
• Falcon Spotlight vulnerability management
• Falcon Forensics forensic cybersecurity
• Falcon FileVantage file integrity monitoring
• Falcon Identity Protection
• Falcon OverWatch managed threat hunting
• Falcon Complete managed detection and response

Putting It All Together

The Falcon platform has long delivered on the promise of better protection and efficiency for our customers all over the world. CrowdStrike’s FedRAMP JAB High Ready status signifies not only our commitment to innovating and building industry-leading technology to defend against today’s adversaries but also our unwavering support for cybersecurity efforts at the most critical levels of government.

Contact CrowdStrike to discuss and receive more details about how we can help you secure your organization while complying with industry regulations and directives.

REQUEST INFORMATION

André Murphy is CrowdStrike’s Federal CTO.

Additional Resources

• Learn more: CISA Selects CrowdStrike to Protect the Nation’s Critical Endpoints and Workloads.
• Get answers to common questions about how CrowdStrike protects federal government agencies: CrowdStrike for the Federal Government FAQ.
• Learn how CrowdStrike Falcon Spotlight Fuses Endpoint Data with CISA’s Exploited Vulnerabilities Catalog.