CrowdStrike for the Federal Government FAQ

FedRAMP requirements include additional controls above the standard NIST baseline controls in NIST SP 800-53 Revision 4. These additional controls address the unique elements of cloud computing to ensure all federal data is secure in cloud environments.

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. This approach uses a “do once, use many times” framework that reduces the cost, time and staff required to conduct redundant security assessments across different agencies.

The CrowdStrike Falcon platform has been FedRAMP authorized since 2018, an industry first for cloud-native endpoint protection. At the time, the Falcon platform achieved FedRAMP Moderate, and we continue further pursuit of higher authorization levels in partnership with the Federal Government.

For additional information, visit the Falcon on GovCloud webpage or CrowdStrike FedRAMP Marketplace listing.

Both FedRAMP and FISMA (Federal Information Security Management Act of 2002) use the NIST SP 800-53 security controls. The FedRAMP security controls are based on NIST SP 800-53 Revision 4 baselines and contain controls above the NIST baseline that address the unique elements of cloud computing.

Cloud services “In Process” should not present themselves as FedRAMP-compliant to agencies. A cloud service posted as “In Process” on fedramp.gov only indicates that they are working with the Joint Authorization Board (JAB) or an agency to attain a FedRAMP authorization. To learn more information on how a cloud service provider (CSP) can become “In Process,” please refer to FedRAMP's Marketplace Designations for Cloud Service Providers.

CrowdStrike Falcon is a 100% cloud-native solution, offering unprecedented endpoint capabilities that scale and deliver on endpoint requirements like never before. Falcon requires no on-premises servers, databases or controllers to be installed, freeing you from the cost and hassle of managing, maintaining and updating on-premises software and hardware.

The CDM program is a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM program provides cybersecurity tools, integration services and dashboards to participating agencies to support them in improving their respective security posture. The CDM approach is consistent with guidance from the Office of Management and Budget (OMB) and the National Institute of Standards and Technology (NIST) and helps meet federal reporting requirements. CDM offers industry-leading, commercial off-the-shelf (COTS) tools to support technical modernization as threats change. To start, agency-installed sensors are deployed and perform an ongoing, automated search for known cyber flaws. Results from the sensors feed into an agency dashboard that produces customized reports to alert network managers of their most critical cyber risks.

The CDM program enhances government network security through automated control testing and progress tracking. This approach:

• Provides services to implement sensors and dashboards
• Delivers near real-time results
• Prioritizes the worst problems within minutes, versus quarterly or annually
• Enables defenders to identify and mitigate flaws at network speed
• Lowers operational risk and exploitation of government IT systems and networks

Additionally, for federal cyber investments, the CDM program fulfills Federal Information Security Management Act (FISMA) mandates.

Yes. CrowdStrike products, intelligence and services are listed on the CDM Approved Products List. For additional details on how CrowdStrike maps to CDM phases and functional areas, please contact your CrowdStrike representative.

CMMC is a vehicle the U.S. government is using to implement a tiered approach to audit contractor compliance with NIST SP 800-171, based on five different levels of maturity expectations. DOD contractors have been required to comply with NIST 800-171 since January 1, 2018. In the past two years, the DOD grappled with the low rate of NIST 800-171 compliance across the Defense Industrial Base (DIB), and CMMC was created to remedy that systemic issue of non-compliance by both primes and their subs. CMMC is intended to act as a procurement gate that a contractor must pass to be eligible to bid on, win or participate on a contract. Without a valid CMMC certification (Level 1 through 5), the prime and/or sub will be barred from applicable contracts.

The Falcon platform addresses many of the requirements and practices across all 17 CMMC domains, and CrowdStrike has an excellent understanding of the model and how to support your unique organizational needs. For additional detail on specific alignment and implementation, please contact your CrowdStrike representative for assistance or review the CrowdStrike Falcon Platform for CMMC product applicability guide published by Coalfire.