Is Defender for Cloud's integrated Qualys vulnerability scanner FedRAMP authorized?

Chen, Vivien (CGI Federal) 0 Reputation points
2023-02-27T20:21:24.8266667+00:00

Is Defender for Cloud's integrated Qualys vulnerability scanner FedRAMP authorized? And if so, what level?

Is Microsoft's Defender built-in Vulnerability Management be FedRAMP authorized? And if so, what level?

If these vulnerability scanners are in Azure Commercial does that affect their FedRAMP authorization level?

Thank you!

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,186 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andrew Blumhardt 9,491 Reputation points Microsoft Employee
    2023-03-01T19:40:29.95+00:00

    FedRamp applies to the Azure Gov tenants. Qualys is not available for the Gov tenants. https://learn.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-vm#availability

    I recommend the following link:
    https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-fedramp

    I also recommend working with your organization's Microsoft support contacts for additional details if needed.

    0 comments No comments