Are there plans for apigee to be FedRAMP authorized/certified?,Is anyone using apigee in a NIST regulated environment?

Are there plans for apigee to be FedRAMP authorized/certified?

Is anyone using apigee in a NIST regulated environment? While they may be owned by Google, apigee appears to be operating independently and is not a FedRAMP authorized solution. Does anyone have any info or insights on whether one can use IGA tools that are FedRAMP compliant and also use apigee? I see that apigee is PCI compliant, so it wouldn't be a huge stretch for them to achieve FedRAMP authorized status. Any insight or guidance would be helpful. Thank you.

0 3 1,013
3 REPLIES 3

Unofficial response from Apigee - in case this is helpful to others:

We are working on FedRAMP certification. As per our engineering team, the best estimate for completion is around Q4 2020.

For reference, as of today, Apigee holds the following certifications:

• SOC 1 Type 2

• SOC 2 Type 2

• SOC 3

• PCI DSS

• ISO 27001

• ISO 27017

• ISO 27018

• HIPAA

• HITRUST

• BSI C5

Hi, Apigee X is now authorized for FedRAMP Moderate.

See: https://cloud.google.com/security/compliance/fedramp

 

w00t! 

Thanks Paul!