Cloud Foundry is the world's most popular open source software for structured platforms. It supports agile development and operations of Cloud Native Applications (CNA) using both virtual machines and containers. And it runs on top of all of the world's most popular cloud infrastructure environments, both public and private.
Certification of a structure platform environment is not a trivial effort. The good news is that it's a highly leveraged one, since it can reduce the effort required to certify applications that run on this platform to near-zero. (See Diego Lapiduz's talk at the Cloud Foundry Summit to hear how they brought C&A time down from 9 months, to just 3 days!)
This book is (poorly) divided into a few sections:
- Mapping of Cloud Foundry features to regulatory controls
- Recommended operational controls in typical Reference Architectures
- Supporting materials
- (COMING SOON!) An example System Security Plan (SSP) under FedRAMP Moderate