What Is CDM? The Continuous Diagnostics and Mitigation (CDM) program is a United States government cybersecurity initiative led by the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA). CDM aims to: Reduce agency threat surface Increase visibility into the federal cybersecurity posture Improve federal cybersecurity response capabilities Streamline Federal Information […]

What is CMMC? The Cybersecurity Maturity Model Certification (CMMC) framework consists of cybersecurity best practices and maturity processes. This framework is intended to protect federal contract information (FCI) and controlled unclassified information (CUI) with a goal of increasing assurance that federal contractors, and subcontractors within the supply chain, can adequately protect this information. The Evolution […]

The federal government has steadily advocated for its agencies to adopt cloud computing over the past decade. Today, quite often, that means supporting a multi-cloud environment that provides flexibility and cost efficiency. From Cloud First to Multi-Cloud Ten years ago, the OMB released its “Cloud First” strategy as part of the federal IT modernization effort, […]

Whether your cloud presence is big or small, cloud security is a key concern. Threats – internal and external – aren’t diminishing, so security remains a key foundational element of a successful and reliable cloud environment. Security is a key focus for us here at cloudtamer.io. Scott Piper of Summit Route recently released his annual […]

Getting cloud resources in compliance with regulations and standards is a must for many organizations. Whether it’s internal or external standards, you’re likely expected to enforce some security measures in the cloud. In fact, on average, organizations comply with 13 different compliance and/or privacy regulations.1 But some of the data around this is not very […]

‘Cloud governance’ is not a new topic, but it’s one that’s often misunderstood. People tend to use it interchangeably with ‘cloud management’ or, based on just the mere sound of governance, they think it must be pure drudgery. In reality, cloud governance is what you need before you start down the path of cloud management. […]

In our 2.18 release, we announced the general availability of our continuous compliance functionality.  Continuous compliance brings the power of the leading open-source policy engine, Cloud Custodian, to cloudtamer.io. I believe pairing Cloud Custodian with cloudtamer.io’s multi-cloud support to visualize, manage, and provide easy remediation for findings is a cloud security game-changer. But our initial […]

We recently presented at FCW’s virtual Department of Defense (DoD) Cloud Workshop to discuss the unique challenges and complexities in the DoD landscape, where hundreds of cloud initiatives are currently underway. The event included speakers from the DoD’s Cloud Computing Program Office, DISA, USAF/A1, and the GSA. cloudtamer.io’s CEO, Brian Price, presented Accelerating Time to […]

We recently partnered with NASA Goddard Space Flight Center and EITR Technologies to deliver a webinar with the Cloud Security Alliance. In Shift Left and Shift Down in the Cloud, we covered examples of shifting left and shifting down in the cloud to improve and automate security. Shift left describes the process and tactics that […]