Press Release

Coalfire, an Amazon Web Services, Inc. (AWS) Advanced Consulting and Government Competency Partner within the AWS Partner Network (APN), Introduces a Cloud Strategy to Help AWS Customers Become FedRAMP Assessment-Ready in Less Time

November 5, 2018

Innovest Systems Assessment-Ready in Less than 6 Months with Joint Coalfire and AWS Program

Westminster, CO – Nov. 5, 2018Coalfire, a provider of cybersecurity advisory services, announced today that the company is offering a Federal Risk and Authorization Management Program (FedRAMP) consulting and engineering service that enables customers to become FedRAMP authorized, using AWS Security Automation and Orchestration (SAO) methodology, in less time than more traditional approaches. Coalfire is one of the security providers to collaborate with AWS in developing the SAO methodology, which helps reduce risk and ease the burden of deploying solutions that meet FedRAMP compliance.

AWS customers who need to meet the U.S. federal government FedRAMP requirements for technical readiness and documentation of their system can now work with Coalfire on an accelerated and automated process enabled by the AWS SAO methodology. Customers can use AWS CloudFormation, DevOps tools and leading security practices to gain reusable Automation and DevOps Orchestration techniques for FedRAMP workloads and applications. Customers can deploy FedRAMP preconfigured AWS Cloud and security services to achieve a FedRAMP Authority to Operate (ATO) faster.

“We’re excited about what this new approach to FedRAMP accreditation can do for our customers,” said Adam Salerno, Senior Director, Security Architecture at Coalfire. “The Coalfire methodology enables AWS customers to build a FedRAMP-compliant solution in less than six months, rather than working through the historical 12+ month readiness process, enabling organizations (which may not have deep cloud expertise) to get to market faster and reduce internal resource burdens.”

Using the new AWS SAO methodology, Coalfire completed a FedRAMP SAO cloud migration and documentation engagement for Innovest Systems, a SaaS-based wealth management solution, in less than six months. This enabled Innovest Systems to constrain, track and publish continuous risk treatments (CRT) and configurations, and assimilate DevOps routines (e.g., continuous integration (CI) and continuous delivery (CD)) into a secure AWS architecture that is configured according to FedRAMP requirements for moderate impact systems.

“We’re very pleased with the speed and efficiency of this process, and Coalfire’s methodology and expertise have us confident going into the FedRAMP 3PAO assessment,” said Erick Lindley, Chief Security Officer at Innovest. “We’re looking forward to the opportunity to expand our FedRAMP-required customer base after this process is complete.”

“Security and compliance are primary considerations for so many of our customers as they begin their cloud journey,” said Troy Bertram, Director of Business Development and Partners, Worldwide Public Sector at AWS. “We’re proud to collaborate with APN members like Coalfire to rapidly bring our joint customers the solutions they need to achieve their unique compliance requirements so that they can take advantage of the many benefits of cloud.”

About Coalfire

Coalfire is the trusted cybersecurity advisor that helps private and public-sector organizations avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, assessments, technical testing and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives and fuel their continued success. Coalfire is the leading FedRAMP Third Party Assessment Organization (3PAO) with over 80 cloud service provider (CSP) clients achieving a FedRAMP JAB P-ATO or Agency ATO. Coalfire’s FedRAMP advisory team works with many other CSPs to prepare, design and document systems for FedRAMP. Coalfire has been a cybersecurity thought leader for more than 17 years and has offices throughout the United States and Europe.

For more information, visit

About Innovest Systems, LLC & Trust & Wealth Management Solution

The Innovest Trust & Wealth Management Solution provides a Software-as-a-Service (SaaS)-based principal and income accounting, investment management and reporting system for institutions that need to control, account for and report on assets held in trust, wealth and retirement accounts. The Trust & Wealth Management Solution is comprised of the InnoTrust and InnoVue offerings from Innovest. InnoTrust is browser-based and is the core application deployed by Innovest to support the accounting and reporting needs of banks, trust companies, wealth management firms, retirement plan administrators and custodians. InnoTrust is also webservices/API enabled to more readily integrate with internal programs and third-party applications. InnoVue is browser-based and provides access for end clients to view account information anytime, anywhere. Innovest Systems is pursuing their Federal Risk and Authorization Management Program (FedRAMP) Agency Authority to Operate (ATO) through a civilian agency within the AWS GovCloud (US) region.

Press Contact:
Mike Gallo
For Coalfire