This document summarizes a presentation on government accreditation and security myths related to commercial software. The presentation covers:
- A short history of government accreditation requirements like FISMA, DoD, and intelligence community policies
- Common myths and misconceptions around topics like FedRAMP certification, AWS GovCloud, DISA, and security best practices
- Resources for understanding compliance requirements and addressing security issues like CIS benchmarks and hardened Amazon Machine Images
The presentation aims to clarify accreditation processes and dispel myths in order to help technology firms and independent software vendors navigate requirements for government work.