Quzara LLC, an AWS Security partner and FedRAMP® compliance leader, has helped Veracode, a leading global provider of application security testing solutions, to attain a Federal Risk and Authorization Management Program (FedRAMP®) authorization.
As part of Veracode’s FedRAMP® authorization process, Quzara consulted and advised on control remediation, implementations, AWS architecture design, and development for the offering. Quzara additionally developed the full FedRAMP® documentation stack, including the System Security Plan (SSP), SSP Attachments, and policies and procedures.
Veracode’s comprehensive cloud-native software security platform provides Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and eLearning. Federal government customers can use the Veracode offering to address security and risk management requirements for web and mobile applications. The platform can be used throughout the software development lifecycle, scanning binaries, run-time environments (including APIs), and third-party code (including open source) to ensure that security flaws and vulnerabilities are captured before code is pushed into production. To further aid development teams in producing secure code, Veracode offers inline remediation guidance within the integrated development environment, as well as developer training and certification. For security and agency leadership, Veracode’s ‘single-pane-of-glass’ dashboard provides a unified view of security posture and compliance with policy.
“Quzara’s experience in cybersecurity and compliance, alongside our commitment to Veracode and the service they are bringing to the FedRAMP® market, resulted in a successful FedRAMP® authorization,” says Saif Rahman, Quzara Managing Director.
“Bringing together the talent and experience of Quzara and the FedRAMP® team at Veracode, we were able to navigate the FedRAMP® landscape and reached a great milestone,” says AJ Malik, Quzara FedRAMP® Pillar Lead, Quzara lead on Veracode FedRAMP project.
Scott Jensen, Vice President, Cloud Operations at Veracode, said, “Quzara’s experience in the FedRAMP® process, their diligent efforts, and expert advice made all the difference in how we approached our project. We were able to make our way quickly and effectively through the FedRAMP® process, in large part due to Quzara’s efforts.”