Vanta, an AI-powered trust management platform, has received its FedRAMP 20x Low Authorization from the Federal Risk and Authorization Management Program (FedRAMP®) Program Management Office (PMO), placing it among the first four cloud service providers to complete the FedRAMP 20x Phase One Pilot program.

The General Services Administration (GSA) initiated the FedRAMP 20x Phase One Pilot program in March 2025. Its objective is to evaluate a new methodology for FedRAMP Low authorization, which incorporates Key Security Indicators (KSIs) and machine-readable validation to assess and validate the security capabilities expected of cloud services utilized by the federal government.

Since May 2025, Vanta has actively participated in the 20x Phase One Pilot program. The company collaborated with the FedRAMP PMO, internal audit partner Sunstone Secure, and external audit partner Schellman, alongside the broader FedRAMP community. This collaboration aimed to develop new pathways that accelerate the efficiency and effectiveness of the FedRAMP process, while continuously enhancing security. Christina Cacioppo, CEO of Vanta, stated, “We are proud to participate in this historic modernization effort, demonstrating how automation and commercial innovation can bring greater efficiency to the government authorization process. Thank you to the FedRAMP team for leading the 20x initiative with energy and transparency, and for working with the entire community to promote public-private trust and collaboration.”

Vanta’s FedRAMP 20x Low Authorization highlights its commitment to supporting the U.S. public sector and enabling businesses that serve government agencies. Vanta currently assists its customers in demonstrating compliance with essential government frameworks, including the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) for the Defense Industrial Base, as well as NIST 800-53, NIST 800-171, NIST AI RMF, CJIS, and HIPAA. Following a recent Series D funding announcement, Vanta is expanding its collaboration and market leadership across both public and private sectors to streamline the secure adoption of commercial technology in government, and simplify how industry partners and customers can demonstrate and maintain adherence to government standards. Arpita Husain, Security Analyst at Vanta, commented, “It’s been an incredible experience for the Vanta team to work alongside the broader community in shaping the future of FedRAMP 20x over the past two months. The FedRAMP PMO has been collaborative and agile throughout the process, making it possible to move quickly while building something meaningful together. Today is just the first milestone of many to come as we showcase the power of trust management for supporting the public sector mission.”

Vanta, founded in 2018, is utilized by over 12,000 organizations, including Atlassian, Duolingo, Icelandair, Ramp, and Synthesia, to build, maintain, and demonstrate trust in a real-time and transparent manner. The company serves customers in 58 countries and operates offices in Dublin, London, New York, San Francisco, and Sydney.