FedRAMP Authorized — Moderate Impact
Tenable.io Government Cloud by Tenable. 6 compliance features verified.
Tenable.io Government Cloud
by Tenable
Impact Level
Moderate
Status
Authorized
Pricing
mid market
Authorization Date: July 30, 2019 | Sponsoring Agency: GSA
Overview
Tenable.io Government Cloud provides FedRAMP Moderate authorized vulnerability management and assessment for government organizations. It offers continuous visibility into vulnerabilities across IT, cloud, and container environments. The platform supports compliance auditing against NIST, CIS, and DISA STIG benchmarks.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Tenable.io Government Cloud for Defense Contracts
Tenable.io Government Cloud is available through GSA Multiple Award Schedule (MAS) under SIN 132-51 (Information Technology Professional Services) and SIN 132-62 (IT Security and Counterintelligence). The platform is also procurable via SEWP VI contracts and CIO-SP3 OASIS vehicles. Government pricing includes volume discounts and educational rates typically 15-25% below commercial pricing. For SSP development, the authorization boundary must clearly delineate between Tenable's FedRAMP-authorized infrastructure and your agency's scanning targets. Contracting officers need to approve the data flow diagrams showing vulnerability scan data transmission, ensure scanning schedules don't impact mission-critical systems, and validate that scan credentials are properly secured. Typical procurement timeline is 90-120 days including security review, with faster deployment possible for agencies already using FedRAMP Moderate services. For CMMC assessments, include Tenable.io Government Cloud within your assessment boundary as a critical security control supporting vulnerability management (VM.1.194-196). Document how the platform supports your continuous monitoring strategy and ensure scanning policies align with NIST 800-171 requirements. Integration with existing security orchestration tools should be documented in your System Security Plan.
Compliance Cross-References
Tenable.io Government Cloud's FedRAMP Moderate authorization directly supports DFARS 252.204-7012 safeguarding requirements by providing continuous vulnerability assessment capabilities mandated for covered contractor information systems. The platform addresses DFARS 252.239-7010 cloud computing security requirements through its government-dedicated cloud infrastructure and controlled data flows. For NIST 800-171 compliance, the platform supports Access Control (AC) family through vulnerability-based access decisions, System and Communications Protection (SC) through network scanning and configuration assessment, and Audit and Accountability (AU) through comprehensive vulnerability reporting. Under CMMC Level 2, Tenable.io Government Cloud supports Asset Management (AM), Configuration Management (CM), and System and Information Integrity (SI) domains by providing continuous asset discovery, configuration baseline monitoring, and real-time vulnerability identification. The DoD Cloud Computing SRG Impact Level 2 authorization ensures the platform meets DoD-specific security requirements for processing Controlled Unclassified Information (CUI), making it suitable for defense contractors handling DFARS-regulated data.
Defense Contractor Use Case
Defense contractors use Tenable.io Government for continuous vulnerability management and compliance scanning, generating evidence for CMMC assessments and NIST 800-171 compliance.
Related Products
More Security Products
Related Compliance Assessments
Frequently Asked Questions
What is the FedRAMP authorization level for Tenable.io Government Cloud?
Tenable.io Government Cloud is authorized at the FedRAMP Moderate impact level, with authorization granted on 2019-07-30 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use Tenable.io Government Cloud for CUI?
Tenable.io Government Cloud is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does Tenable.io Government Cloud pricing compare to commercial?
Tenable.io Government Cloud government pricing is generally competitive with commercial pricing, though the government edition may carry a premium of 10-20% to cover FedRAMP compliance and dedicated infrastructure costs. Mid-market organizations can often access government pricing through GSA Schedule contracts or reseller partners. Contact Tenable for a quote tailored to your organization size and requirements.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Tenable.io Government Cloud FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days