.jpg)
Vanta, a leading AI-powered trust management platform, has successfully secured its FedRAMP 20x Low Authorization, joining the first cohort of four cloud service providers to complete the Federal Risk and Authorization Management Program’s (FedRAMP®) Phase One Pilot in 2025. This milestone reinforces Vanta’s leadership in enabling secure cloud adoption for government and commercial contractors.
Vanta earns FedRAMP 20x Low Authorization in the 2025 Phase One Pilot.
Part of the first cohort of four cloud providers to achieve this milestone.
Uses Key Security Indicators (KSIs) and automated validation for efficiency.
Supports compliance with CMMC, NIST 800-53, NIST 800-171, and HIPAA.
Collaborates with FedRAMP PMO, Sunstone Secure, and Schellman for success.
Enhances secure cloud adoption for U.S. public sector and contractors.
Announced by the General Services Administration (GSA) in March 2025, the FedRAMP 20x Phase One Pilot introduced a cloud-native approach to Low authorization, leveraging Key Security Indicators (KSIs) and machine-readable validation to streamline security assessments. Vanta’s participation since May 2025, alongside partners Sunstone Secure and Schellman, has driven innovation in the authorization process. “We are proud to participate in this historic modernization effort, demonstrating how automation and commercial innovation can bring greater efficiency to the government authorization process,” said Christina Cacioppo, CEO, Vanta.
Vanta worked closely with the FedRAMP Program Management Office (PMO) and the broader industry to shape the 20x initiative. “It’s been an incredible experience for the Vanta team to work alongside the broader community in shaping the future of FedRAMP 20x over the past two months,” said Arpita Husain, Security Analyst, Vanta. “The FedRAMP PMO has been collaborative and agile throughout the process, making it possible to move quickly while building something meaningful together.” This collaboration has reduced authorization timelines from months or years to weeks, enhancing efficiency while maintaining robust security standards.
Vanta’s FedRAMP 20x Low Authorization strengthens its commitment to the U.S. public sector, enabling businesses to deliver secure cloud solutions to government agencies. The platform supports compliance with critical frameworks, including the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC), NIST 800-53, NIST 800-171, NIST AI RMF, CJIS, and HIPAA. This capability empowers over 12,000 customers, including Atlassian and Duolingo, to demonstrate trust transparently.
Following its recent Series D funding, Vanta is expanding its role as a leader in trust management, streamlining the adoption of commercial technology in government. The acquisition of Riskey further enhances its Vendor Risk Management capabilities, offering continuous, AI-driven risk intelligence. Vanta’s platform simplifies compliance for industry partners, positioning it as a key player in both public and private sectors.
Vanta’s achievement in the FedRAMP 20x pilot marks a significant step toward modernizing federal cloud security. By leveraging automation and fostering public-private collaboration, Vanta is paving the way for faster, more secure technology adoption across government agencies, with plans to pursue further authorizations in future phases.
Vanta is the leading AI trust management platform that helps organizations of all sizes earn and prove trust. Over 12,000 companies including Atlassian, Duolingo, Icelandair, Ramp and Synthesia rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, London, New York, San Francisco and Sydney.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.