* [Blog](https://www2.paloaltonetworks.com/blog)
* [Cloud Security](https://www2.paloaltonetworks.com/blog/cloud-security/)
* [Announcement](https://www2.paloaltonetworks.com/blog/cloud-security/category/announcement/)
* Prisma Cloud Achieves "In...

# Prisma Cloud Achieves "In Process" for FedRAMP High

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Ffedramp-high-inprocess%2F)  
[](https://twitter.com/share?text=Prisma+Cloud+Achieves+%E2%80%9CIn+Process%E2%80%9D+for+FedRAMP+High&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Ffedramp-high-inprocess%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Ffedramp-high-inprocess%2F&title=Prisma+Cloud+Achieves+%E2%80%9CIn+Process%E2%80%9D+for+FedRAMP+High&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/cloud-security/fedramp-high-inprocess/&ts=markdown)  
\[\](mailto:?subject=Prisma Cloud Achieves “In Process” for FedRAMP High)  
Link copied  
By [Cameron Hyde](https://www.paloaltonetworks.com/blog/author/cameron-hyde/?ts=markdown "Posts by Cameron Hyde")  
Jan 23, 2024  
5 minutes  
[Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown)  
[CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown)  
[Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown)  
[FedRAMP](https://www.paloaltonetworks.com/blog/tag/fedramp/?ts=markdown)

*Prisma Cloud takes the next step in working toward Federal Risk and Authorization Management Program (FedRAMP) High authorization and has achieved the "in process" milestone on the* [*FedRAMP Marketplace*](https://marketplace.fedramp.gov/products/FR2317253567)*.*

In its commitment to be the government's cybersecurity partner of choice, Palo Alto Networks provides unparalleled support for federal organizations with dedicated investment in providing tools for a safer and more secure digital world.

## Government Cloud Adoption

The modernization of tech stacks across the U.S. government presents agencies and departments with opportunities to increase speed and agility. Gartner reports, "Approximately 1,358 of the 7,772 projects in the U.S. federal government's IT portfolio were using cloud services, with another 1,800 projects migrating or considering the use of cloud services."^1^ This trend highlights the growing significance of cloud adoption within the government sector.

Transitioning to cloud-delivered services brings new security challenges. Government agencies, such as law enforcement, emergency services systems, financial systems and health systems have stringent security requirements. In the event of a breach, sensitive data could be exposed.

Operationalizing cloud security presents challenges, particularly blind spots for organizations adopting siloed tools that don't integrate. Ultimately, powerful insights are left on the table. Consider cloud security posture management (CSPM), cloud infrastructure and entitlement management (CIEM), and data security. Lacking the capacity to cross-correlate risk factors such as misconfigurations, overly permissive identities and sensitive data creates gaps that lead to ineffective threat analysis and poor risk prioritization. Weaknesses can' be traced to their source, which leaves potential attack paths undiscovered and organizations at risk.

In contrast to siloed security, [CNAPPs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-application-protection-platform) enable organizations to consistently apply security best practices throughout the entire cloud-native application lifecycle. With a CNAPP, teams can begin implementing security checks during code development, gain comprehensive visibility into cloud resources in their environment, and actively block attacks as they occur. By connecting powerful insights, identifying attack paths and tracing security weaknesses back to their origin, CNAPPs provide unmatched security.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/01/Fedramp1.png)

## Advancing Toward FedRAMP High Authorization

Palo Alto Networks has had a long relationship with the FedRAMP program. In 2020, Prisma Cloud achieved Moderate ATO for our CSPM and CIEM capabilities.

In March 2023, Palo Alto Networks announced that it had been [selected by the Joint Advisory Board (JAB)](https://www.paloaltonetworks.com/blog/prisma-cloud/fedramp-high-impact-ready/) and was pursuing FedRAMP High authorization for Prisma Cloud. Palo Alto Networks has since been undergoing the JAB authorization process to uplevel Prisma Cloud from FedRAMP Moderate to FedRAMP High and expand the number of supported capabilities from 2 to 10.

In January 2024, Palo Alto Networks achieved in-process status for FedRAMP impact level High for Prisma Cloud services, as illustrated in Table 1.

|--------------------------------------------------------------------------------------------------------------------------|---------------------------------|----------------------|
| **Prisma Cloud Module**                                                                                                  | **FedRAMP**  **Moderate** | **FedRAMP** **High** |
| [Visibility, Compliance and Governance (CSPM)](https://www.prismacloud.io/prisma/cloud/visibility-compliance-governance) | Authorized                      | In Process           |
| [IAM Security (CIEM)](https://www.prismacloud.io/prisma/cloud/cloud-infrastructure-entitlement-mgmt)                     | Authorized                      | In Process           |
| [Threat Detection](https://www.prismacloud.io/prisma/cloud/cloud-threat-detection)                                       | N/A                             | In Process           |
| [Host Security](https://www.prismacloud.io/prisma/cloud/host-security)                                                   | N/A                             | In Process           |
| [Container Security](https://www.prismacloud.io/prisma/cloud/container-security)                                         | N/A                             | In Process           |
| [Serverless Security](https://www.prismacloud.io/prisma/cloud/serverless-security)                                       | N/A                             | In Process           |
| [Web Application and API Security](https://www.prismacloud.io/prisma/cloud/web-application-API-security)                 | N/A                             | In Process           |
| [Infrastructure as Code Security](https://www.prismacloud.io/prisma/cloud/infrastructure-as-code-security)               | N/A                             | In Process           |
| [Software Composition Analysis](https://www.prismacloud.io/prisma/cloud/software-composition-analysis)                   | N/A                             | In Process           |
| [Secrets Security](https://www.prismacloud.io/prisma/cloud/secrets-security)                                             | N/A                             | In Process           |

Table 1: Prisma Cloud's current FedRAMP status by capability

## Why Prisma Cloud for Federal?

Prisma Cloud is a single, integrated platform that protects applications from code to cloud, preventing breaches and reducing risks in near real time across the application lifecycle. Unlike fragmented point products, Prisma Cloud delivers comprehensive Code to Cloud^TM^ security by combining insights from each application stage and from the multiple security capabilities seamlessly embedded in the cloud application journey.

\*\*Reduce security risks without impacting developer productivity.\*\*Many development teams spend a significant portion of their time, sometimes up to one-third, addressing security issues. Prisma Cloud integrates with tools developers commonly use, enabling early detection, remediation and prevention of security flaws throughout the development lifecycle.

\*\*Prevent security breaches.\*\*Detect and block exploits such as container escapes and OWASP Top 10 security risks in runtime to prevent potential breaches. Prisma Cloud delivers protection across workloads, web applications and APIs.

**Improve compliance and security posture.** Enhance adherence to regulatory requirements and strengthen overall code and cloud security defenses. Prisma Cloud baselines your cloud environments against controls defined by regulatory standards and industry best practices (FedRAMP, CIS and more).

**Reduce operational burden**. Spend less time combing through alerts and effortlessly prioritize impactful issues. Prisma Cloud automatically detects and correlates related risks that pose the greatest potential for attack.

**DevSec collaboration**. Foster effective collaboration between developer and security teams to reduce mean time to remediate (MTTR) risks. With Prisma Cloud, security teams hand off fewer issues to application owners and leverage app context for stronger, efficient communication.

With Prisma Cloud, Palo Alto Networks is uniquely positioned to provide the public sector with the security foundations and workforce enablement outlined in the [Federal CIOs Council's Federal Cloud Computing Cloud Smart strategy](https://cloud.cio.gov/strategy/).

## Learn More

Palo Alto Networks currently helps U.S. government agencies under FedRAMP Moderate regulation secure their applications with Prisma Cloud. We look forward to partnering with FedRAMP High organizations. If you'd like to put Prisma Cloud to the test and discover hidden threats in your cloud environment, take advantage of our [complimentary cloud security risk assessment](https://www.paloaltonetworks.com/prisma/cloud/free-cloud-security-risk-assessment), including a 10-day Prisma Cloud trial.

**Resources**

1. Brown, Michael and Daniel Snyder. "Predicts 2023: Does Reach Exceed Grasp for U.S. Federal Government?" Gartner, Inc., February 28, 2023. G00778626.

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Code to Cloud to SOC](https://www.paloaltonetworks.com/blog/cloud-security/category/code-to-cloud-to-soc/?ts=markdown)

[#### Introducing Cortex Cloud 2.0: Smarter Cloud Security for an AI-Driven World](https://www2.paloaltonetworks.com/blog/cloud-security/cloud-security-platform-cortex-cloud-2-0/)

### [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Prisma Access Browser Achieves FedRAMP Moderate Authorization](https://www2.paloaltonetworks.com/blog/sase/prisma-access-browser-achieves-fedramp-moderate-authorization/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Making Every Dollar Count for Federal Cybersecurity](https://www2.paloaltonetworks.com/blog/2025/03/making-every-dollar-count-federal-cybersecurity/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown)

[#### Cortex Is the First SOC Platform to Achieve FedRAMP High Authorization](https://www2.paloaltonetworks.com/blog/2025/01/cortex-achieve-fedramp-high-authorization/)

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### Prisma Cloud Innovations: September's Highlights](https://www2.paloaltonetworks.com/blog/cloud-security/feature-innovations-2024/)

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Research](https://www.paloaltonetworks.com/blog/category/research/?ts=markdown)

[#### Prisma Cloud Delivered 264% ROI Forrester Consulting TEI Study Finds](https://www2.paloaltonetworks.com/blog/cloud-security/forrester-tei-study-2023/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language