New framework: Scrut now supports FedRAMP Moderate

What's new?

Scrut now fully supports the FedRAMP (Federal Risk and Authorization Management Program) Moderate baseline, enabling cloud and SaaS providers to meet U.S. federal security requirements with confidence.

Why was this needed?

FedRAMP Moderate is a mandatory requirement for working with U.S. federal agencies. The Moderate Impact Level is the most common authorization, covering Cloud Service Providers (CSPs) that handle data not available to the public, such as Personally Identifiable Information (PII), for which a breach could have a serious adverse effect on operations.

Achieving a Moderate baseline authorization proves your organization meets the rigorous security standards required to protect sensitive government data, significantly expanding your market reach into the public sector.

• Security Baseline: Includes over 300 controls based on NIST SP 800-53, ensuring a high level of operational security.

• Continuous Monitoring: Requires ongoing assessment of security controls to maintain authorization.

• Trust & Credibility: Demonstrates a "gold standard" security posture to both public and private sector clients.

How it works

• Access FedRAMP Moderate from the Frameworks module.

• Work with 300+ controls aligned to NIST SP 800-53.

• Use pre-configured policy templates tailored to the Moderate baseline.

• Assign control owners, track validation progress, and centrally manage evidence.

• Generate readiness reports for internal reviews and 3PAO audits.

Need help?

Your Customer Success Manager (CSM) is always ready to help if you need assistance. Explore all recent product updates → View now.