InfusionPoints Achieves FedRAMP 20x Moderate (Class C): What It Means for the Future Artwork

Behind the Shield

Behind the Shield is InfusionPoints’ podcast where we sit down with partners, customers, and industry leaders to talk about FedRAMP, compliance, and cybersecurity in today’s government landscape. Each episode offers laid-back, insightful conversations that blend expertise with real-world experiences.

All Episodes

Behind the Shield

InfusionPoints Achieves FedRAMP 20x Moderate (Class C): What It Means for the Future

April 15, 2026 • InfusionPoints • Season 1 • Episode 29

0:00 | 35:12

In this special announcement episode of Behind the Shield, we’re sharing a major milestone for InfusionPoints and what it signals for the future of federal cloud security.

Chad Spears and Tanner Bailey break down our FedRAMP 20x Moderate (Class C) achievement, what it took to get here, and why this moment matters for cloud service providers, agencies, and the broader FedRAMP ecosystem. This isn’t just another certification, it’s proof that the shift from point-in-time compliance to continuous validation is already happening.

We unpack how FedRAMP 20x is transforming how security is demonstrated, moving away from static documentation and toward real-time, machine-readable evidence through Key Security Indicators (KSIs). We also touch on the journey behind this achievement, from early automation efforts to navigating evolving PMO expectations.

You’ll hear how this approach changes the experience for providers and assessors, creating a more collaborative and efficient path to authorization. We also explore the business impact, including faster time to market and a clearer path for organizations entering the federal space.

Whether you're pursuing FedRAMP, evaluating 20x, or trying to understand where the program is headed, this episode offers practical insights and a clear view into what comes next.

Chapters:
0:10 Introduction and Special Announcement
0:45 Certification Achievement
1:23 Significance of 20X Certification
2:45 Customer Impact and FedRAMP Framework
6:07 Understanding FedRAMP Designations
11:48 Journey to 20X Certification
18:30 Team Effort and Continuous Validation
18:47 Customer Benefits of 20X Certification
19:02 Platform as a Service and FedRAMP
19:29 Security Controls and KSI's
20:25 Speed to Market with XB40
21:53 Webinar and Education Initiatives
22:48 Upcoming Webinar Details
26:22 Team Recognitions and Shoutouts
30:57 Closing Remarks

What You’ll Learn:
• What achieving FedRAMP 20x Moderate (Class C) actually means
• Why this milestone is important for CSPs and federal agencies
• How FedRAMP 20x is shifting compliance to continuous validation
• The real business impact of faster authorization timelines
• How automation and KSIs replace traditional audit processes
• What makes this approach different from Rev. 5 assessments
• How InfusionPoints approached the 20x journey internally
• What this means for customers looking to enter the federal market
• Why this proves the transition from Rev. 5 to 20x is possible

Resource Links:
https://www.fedramp.gov/rfcs/
FedRAMP 20x Community Update- https://youtu.be/eU0i6c3Yk8o?si=_kbfmhax8BD154Q7

InfusionPoints Links:
https://xbu40.com/
20x Quick Look Assessment- https://xbu40.com/assessment
20x Webinar Series | Session 1- https://youtu.be/EoaXjGa-vl0?si=UmnDCXY4dhTKpC6L
20x Webinar Series | Session 2 Registration- https://riverside.com/webinar/registration/eyJldmVudElkIjoiNjlkZDUzZmNiNWI5MjQ2YTllY2E0YmUwIiwic2x1ZyI6Imphc29uLXNocm9wc2hpcmVzLXN0dWRpbyJ9
Chad Spears-https://www.linkedin.com/in/chad-spears007/
Tanner Bailey- https://www.linkedin.com/in/tanner-b-37a50a132/
https://www.linkedin.com/company/infusionpoints/
https://infusionpoints.com/

About Us:
InfusionPoints is a cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure environments in highly regulated markets.

We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security, supporting customers from authorization through continuous monitoring.

With a security-first approach, we deliver scalable, compliant solutions that help organizations move faster without sacrificing security.

SPEAKER_00 0:10

All right, and welcome to another special episode of Behind the Shield. My name is Chad Spears with Infusion Points. And today I have with me Mr. Tanner Bailey. Tanner, thanks for joining me today. Glad to be here. Yeah, so we're excited to uh have this um you know out-of-band uh special announcements episode of Behind the Shield here. And a very special announcement that we're excited to uh to bring to the public. And uh I tell you what, Tanner, I'm gonna give you the uh uh the the the exciting part and and let you make the big announcement. So go for it.

SPEAKER_01 0:45

Yeah, absolutely. So um it's up there on your uh virtual background there, Chad. We're both wearing the shirts about it, but we uh we achieved our Federant Moderate uh 20x certification or Class C certification, whichever term you're using. Um so you know we got that on Friday, uh had our conversation with PMO and a couple of other providers that uh were part of that first uh cohort um authorization party, as they're calling it, for class C as part of a 20X Phase 2 cohort to. So uh very exciting. I know it's a lot of memo jumbo, but long story short, we got our moderate for the XP40 platform, and we're excited to start leveraging that with customers.

SPEAKER_00 1:23

Yeah, at Infusion Points, this has kind of been a uh, I know an achievement that we've been striving for uh even since I've been with Infusion Points. And uh, you know, from a leadership perspective, we're we're so excited uh to see this come to fruition. Uh, but but more importantly as well, you know, we're invested in FedRamp. FedRamp is is who we are, uh, and to see this this shift and this change and uh 20X and to be part of driving 20x to the next level, uh, we we couldn't be more excited about this achievement here. Uh and on top of our XBU40 uh platform, and uh you know, we'll be talking about that here in just a little bit, Tanner, a little bit about why that's so significant. Um and the fact remains that you know XBU 40 existed even prior to 20x coming about. So it wasn't something new that we developed or designed uh to fit 20x. Uh it was something that we're all we were already doing. Uh, but I think you know, as we you know, we made the announcement, all right, hey, we've got our um our moderates or class C uh achievement and certification now. Um, why is it that this matters? And and so for the listeners out there, Tanner, you know, why should they care? Um again, uh, you know, yeah, companies get certified every day, but uh, why is it in particular this shift into 20x and 20x moderate? What what what really matters to the customers?

SPEAKER_01 2:45

Yeah, so to the customers, you know, it's uh as Jeff, our director of customer success says this all the time, or you know, as we've learned internally, you know, FedRAMP is a business framework. It's not just a security or a compliance framework. Uh, if you've listened to the podcast, you probably heard me say that a million times, or came to our webinar um that we had last month. But, you know, the idea here is how quickly can you make money? Um, and that's that's really what 20 is trying to fix. There was a lot of, you know, FedRamp was broken. You know, Pete said that numerous times, uh, whether it's in our workshops as part of the cohort or during working groups or in even public LinkedIn posts, uh, they were very uh transparent about that. And so FedRamp is trying to ease the path or smooth pave the road towards faster authorizations and simpler authorizations as well. So the idea behind simpler is not necessarily like security being simpler or being uh or less requirements, but more so how those requirements are shown. Um, you know, big keys being like help making sure the agencies can see the security s status of a system without diving into a 600-page SSP. Yeah, you know, it we all it's a it's a joke because it's it's happened. Everybody's had to deal with an SSP that's too long if you've been in the FedRamp space before. So that I there um this is a for us in particular, our position and our history in FedRamp, this is a signal to folks that have been involved with FedRamp for a long time that the transition from Red5 to 20X is possible. Um with you know, our platform XP40, like you mentioned, was has been around since before uh 20x's announcement. It was, you know, we've been using it in the red five space and even some of the DOD space before. So the security was already there for our platform, but with 20X, we were excited because we're like, oh, cool. Now we don't have to go through an egregious, you know, assessment process. Every single time we want to get, you know, one of our customers uh you know help them through the FedRAMP process. Or, you know, as we were going through the process, 20x removing the agency sponsorship barrier for your initial certification from the PMO has been very exciting. So um, yeah, there's a lot of exciting things happening with 20x, and there's just a few of them.

SPEAKER_00 4:48

Yeah, for sure. I mean, you at the end of the day, you know, this is not just about getting through this compliance journey and and checking the box, but uh to me, it it really is the fact that that we're seeing before our eyes and we're participating in the fact of of how compliance is achieved, right? And and not only achieved, but then maintained. We've been involved in it at at every different level here at Infusion Points. Um, and now seeing uh this process be successful. You just said it, right? It it's possible, right? Uh it's validation that hey, uh this is possible, and and we've proved it for ourselves here at Infusion Points. Uh, and now we're excited to even bring this to our customer base and help them prove it as well. So really excited um uh about the path and the trajectory of even 20x right now. So let's uh let's clear up some confusion, right? So again, if you're looking at uh our there's been a lot of uh nomenclature changes, right? And uh if you're looking at my background right now, well, we've got moderate there in the parentheses, uh, we've got the class C, but you know, what does moderate actually mean in this context here? Let's let's help some of the viewers out there with that. You know, we're we're we're attempting to do that as well with with our webinar uh and and in the education front, but let's talk about that just a little bit. What does moderate truly represent?

SPEAKER_01 6:06

Yeah, so um yeah, for a for a deeper breakdown and kind of the to the PMO's mindset behind all this, I would highly recommend uh we're recording this as of April the 13th. Uh, we received our certification on April the 10th, but on April the 8th uh was the most recent 20X working group uh with PMO, you know, public event that's PMO hosts to answer questions, talk about their mindset, uh something a little bit more official than just you know blog posts or some LinkedIn posts from the rest of the GSA team. Uh because the PMO is breaking down at a more detailed level than what you and I can go into today, right, what the moderates or class C designation means in the context and avoiding the confusion of the FIPS levels. So, you know, it's been you know, FIPS that you know, your FIPS level denotes the severity of the data or the importance of the data, if you will. You know, highs where you know lives are at stake, moderate a little bit less so, low even more so. So um that's not the idea with FedRAMP with their designations. They're wanting to ease the burden of CSPs, trying to say, hey, I'm supporting a federal agency that's maintaining high data, but I only have FedRAMP low certification as an example. VMO is trying to get away from that, you don't necessarily have to from a Federant's not prescribing that you have to be a high system to help support an agency that has high FIPS data. Those two designations are separate. It's up to the agency to authorize whether you're allowed as that CSP to use that service. That's an agency decision based out of their CIO or their sysops office. Um the idea with the Federant designations is to say, you know, with class A, B, C, D, again, for definitions, that's the old guard. A is going to be your old pilot or like a ready status. Uh you know when Federer ready first got started. B is gonna be your low slash L ISS, C is gonna be your moderate, D is gonna be your high, D is coming in the future. No D no class D or high uh 20X certifications right now, that's coming with phase four. Uh and we're currently at phase two. So the idea is that for your 20x package, you you your authorization pack, your 20x certification package, you know, there's a lot of terms we're still trying to figure out here. Yeah, they um the PMO is requiring more data be shown about your validations. So with A, for example, if you go read the RFCs related to leveraging external frameworks and the Federate notice that's come out of that, A is saying you're taking your existing security framework, SOC 2, and you're saying, I have a subset of these KSIs and I can prove it based off of other frameworks I've done. Gets me on the marketplace, it helps me build business drivers and work with agencies to justify actually doing the work to get into Federal B C D. And you have two years to do so after getting A. Uh with low and moderate, again, please go listen to that working group. Pete breaks this down in more detail. But the idea is saying, you know, maybe with B, your class B slash low pilot, or excuse me, low slash LSS, you're saying it's a Boolean for each KSI at any given point in time on your dashboard, how often however often that refreshes, how often however often your trust center refreshes. I am green check mark, or I am you know red X mark, or it's uh you know, thumbs up, thumbs down, however you're gonna show it of saying I am compliant based off of the validation check I've built. And then for moderate and high, they're wanting to have more data. So historical metrics, uh remediation metrics are some things that are you know being proposed. Uh a lot of that's still being defined, and the final form of that again is gonna come out in CR 2026, those consolidated rules, um, which the PMO has noted um as a bit of an update recently that they're gonna be releasing at least part of the CR 2026 rules, um, sometime in May. Uh the last time that we heard before this update was gonna be end of June. So it's some of this is getting fast tracked, which will give CSPs and you know potential Federamp CSPs that are looking to get into the market uh a bit more of an opportunity to see kind of where Federap's going as opposed to waiting all the way toward the end of Q2 this year. Um yeah. Main way to summarize all of that, I know there's a lot of words out there. Uh as you go up from A, B to C to D, you're just showing more data about your validations. You're starting with subset, then you're going to uh Boolean, yes, no, you know, good yay nay, and then you're moving into historical metrics, remediation metrics, you have to report incidents more, et cetera, et cetera.

SPEAKER_00 10:23

Yeah, I I think that's important. Uh it's a very important call out. I feel like uh with the moderate piece uh or or class C, right? Uh this level really starts to demonstrate the the maturity of your operations of the environment, right? Uh with some of the KSIs and how you're presenting uh that data and the historical evidence um and tracking it over time. I think that's very important for folks to understand. And then from like, you know, a business perspective, we've talked about this, we've talked about this a little bit on the webinar as well. That class A uh being almost like that that uh that FedRamp ready, uh, you know, just to get into the marketplace, uh organizations can leverage that as that stepping stone, if you will, um, and and really kind of build that business case. Um whereas I believe with the moderate and why this is important, uh the class C, excuse me, uh why this is important for organizations and CSPs out there, is that it really shows right out the gate you've got that maturity already. So maybe it positions them just a little bit higher when it comes to agency adoption uh out there of their product. So yeah, uh agreed. It's uh there's a lot of moving parts, and that's why we here at Infusion Points are trying to continue uh to educate on this. Um, and I think that's that's actually beneficial in coming at some of the next things we want to talk about, right? Is uh kind of the story behind this achievement, right? We've we've seen this uh this whole thing, this paradigm shift uh quite dramatically here with 20x and uh you know all the things that it took internally for us to get here. Uh there's a lot. Uh we were actually even on a call earlier today where we were doing our our company wide announcement and uh just kind of reminiscing a little bit, right? Um and and I'll share this and want to get your perspective. You know, I remember pre-20x uh we're going through audits, our security operations team. And uh we're constantly with again, XPU40 has existed pre-20x, right? So we're constantly proving these environments and and pulling evidence and showing evidence. And uh we we had this this document, this repository, if you will, that was built of the commands that we would leverage during these audits to pull the information for the auditor because we knew uh the control families that we had to answer to, and we knew uh the evidence that we had to show for our platform because we built the platform. And so we had this repository of commands, and we actually pulled that up uh in the call earlier and took a look at that, and we're like, wow, I remember when we looked at this repository and we said, hey, we could automate every one of these commands and we could pull this data so much easier. And then that was really when the light bulb kind of went on. It's like, oh, you know, automated evidence collection, that's what we want to do, and we want to build that into command center and then build that into command uh uh excuse me, build that into XPU 40, but then build that into command center, which is the the platform management piece that we have within XPU 40. And so we started marching down that path, and then it's it's I don't know, it's like six months or so, but all of a sudden here comes this thing called 20x. And that's why I always use the phrase we've been 20xing for a long time. Uh, but that's just kind of some of the things that I reminisced on a little bit to even today, uh, as we were talking and discussing internally uh about this achievement and kind of where we've come from. But what what stands out to you, Tanner, uh when it comes to our our march down this 20x moderate path?

SPEAKER_01 13:40

Yeah, I think it's been uh like ballot as validation, pun not intended, um of kind of our mindset over the over years. You know, I you know I've been with Infusion Points uh in this role since 2021. Uh so been through a lot of assessments, whether it be Federal Low, Federal Moderate, Federal Hive supported, you know, coworkers to like DoD assessments. And, you know, we especially in the last two or three years, as you know, we we we've had this advisory team that we've had, you know, we've had a we've had the same team uh for the most part for a while that have really gotten trained and they've been through the ringer with Federant assessments and they have those resources that they've developed because they just realized it was easier to have like those repos in place. And we started to see in a lot of our assessments, especially annual assessments that our customers were going through, you know, we were cranking down assessments in two days or instead of the five-day timeline, you know, that assessors had. And a lot of that was, you know, this the time that we couldn't save that you know, those last two days or make it to where it was, you know, there was no screenshot sessions or anything like that. It came from just the speed of the assessor because the assessor has to go through their Rev5 process. And, you know, that's not, you know, we've worked with all the great assessors out there, you know, uh, whether it be Fortrium, Coalfire, Shellman, you know, it it you name it, A-line, you know, all those that are out there, they were all doing good work, but the process of Rev 5 was it just hindered them. Uh and they were even putting into place ideas of like, hey, here's a script that, you know, you can run, and that'll, you know, these are the commands. And it basically was they were having the same ideas we were having. And we realized that this was like a an industry-wide challenge. And then, like you said, you know, PMO comes out of seemingly out of nowhere with 20x and says, we think we have the solution, but we need people to drive with it. So we're like, well, we're already doing this, uh, let's figure it out. Uh, you know, we always wanted our own federal certification as well, so uh, or federal authorization at the time. And we decided to run with it. And a lot of it was just trying to figure out the paradigm shift. You know, we talked about it, a mindset shift, a fundamental shift in how compliance is done. But we we realized that things like the boundary, we had to challenge our thoughts on the federal boundary or the, you know, Pete said it, we've said it like the federal trauma that's out there has been um kind of a challenge for us to figure out. Uh, and just say, hey, let's experiment. Uh, we found things that worked, we found things that didn't work. Um, went through a lot of different schema styles. You know, Alex, when we were having our company-wide announcement earlier, Alex, our our lead 20x engineer, was talking about, you know, he appreciated that the team didn't gatekeep him from anything because he was just experimenting a lot of stuff. And I joked about the fact that, you know, I was glad that people were comfortable with me like bugging them about something 20x related, even though that's you know, it's like the new experimental thing. Like we're still delivering to customers as we're going through all of this on the XP 40 platform itself. You know, we're still using it as a platform to deliver while we're also trying to, you know, make changes to XP40 uh on our management side to get this 20x certification. So it was very much a learning experience, experimenting. We, you know, a lot of pivoting from the team, you know, we went through the especially during phase two. You know, phase one, it was very experimental, very low level of uh um requirement. So there wasn't it, you know, PMO was very prescriptive about what they wanted. But during phase two, the PMO saw out of phase one when we got our low certification that there was a lot of benefit to letting CSPs run with it. And you say, okay, here's the KSIs. Your story is your story, and the assessor, you know, advises you as they're going through and says, is this enough? Is it not? And then the PMO assessment team comes in and gives their recommendations. So we were, it was a very much a learning experience as we went through those workshops during phase two, which I think is where it really finally clicked for us um the PMO's vision for it. Um and in a lot of ways, I think the PMO's vision finally clicked for them too, because they knew it was a problem. And until you actually work through solving the problem, you don't know what the solution is. Yeah. And I feel like both us and the PMO have kind of found that in the KSI validation schema and trust center and having somewhere where the agencies can view it, but then also having more detailed views where you know the people that are doing the operations can keep doing the operations just like they were doing in row five um without the unnecessary guardrails. All the guardrails still got to be there, but we found a way to have the necessary ones and get rid of the the molasses ones, if you will.

SPEAKER_00 18:13

Yeah, and you know, you you touched on something there that uh I want to touch on for just a second that um as I was thinking through this a little bit, even over the weekend, right? You know, what how did how did this journey in 20 acts of obtaining this moderate feel different um versus the the traditional, you know, the ref five audits and things that we've been through, right? Because again, we we were we were audited, if you will, uh through this uh process as well. And so how did this feel different? And one of the things I thought about was this is really the team effort. And you touched on this just a little bit, was the team effort through this. You know, the traditional path, we still had all the same players, right? But it seemed like the same players were um, they were working in in their individual teams, right? So you had engineering that was gonna engineer the solution and build the solution, right? Uh you then had security operations that would come in and uh, you know, we're gonna apply our security uh pieces to it and we're gonna monitor it, we're gonna ensure that it's secure, we're gonna pen test and all these things. Uh, you got the operation side that would come in and actually operate the environments and things of that nature. Then you had the the compliance or the advisory pieces that would come in and uh, hey, let's let's find those gaps, let's ensure that we're meeting all the controls. And then we were take all that and we report it up to leadership, and leadership's like, yeah, hey, that's great. With this, it really felt like 20x brought all those people to the same table. And we all operated uh together, right? Um and and that's what's so cool about it because I remember one of the things to me that felt different from this after being through some of the uh traditional uh audits is you know, day one of the audit, you go through your things and you show your evidence, and that that's it. It's the last time you forget about it. Uh or last time you think about it for the audit, you're moving on to the next control family. Um with 20x, it's not that way. I remember coming back to the the historical dashboards that we've got and being like, oh yeah, we went over that yesterday. Oh, look, it's uh it's still 99%, or it's 100%, or hey, for whatever reason this dropped down to 80%. Oh yeah, that was this change that happened in the environment. Um you can't just sweep it under the rug and forget about it because it's always there. That goes back to that uh continuous validation, which is pretty cool um even as we're approaching this uh and showing that. And you know, hey, listen, yeah, there were some things that that fell even to the to the yellow or even the red as we're we're building this out and moving this along. But it was awesome to see that because we've seen it in action, we've seen the power of it as well with that continuous validation. Um and even the the customers out there and the agencies out there should appreciate that and the fact that, hey, yeah, we can see this in real time and see those dips and see that, hey, corrective action was taken and remediations were put in place for that dip. So that's one of the things to me that I got to thinking about how this was different, but also that faster approach. It allowed us to move quicker, allowed the auditor to move quicker. Um, and so I I do feel like there's definitely some synergy in the in the speed to to market with it. So yeah. Um again, a few folks want to call out there and teams, I should say, right? The the engineering team that that has built this on the back end of XPU 40. Um, you know, great. Those guys right there, I can't say enough uh good words about them because they've allowed you and I uh to cooperate at the levels that we're operating at. Uh, we have even the command center guys that are building the front end there for our management uh piece there of the platform for the platform management. Um and then outside of that, we got the security operations guys that are monitoring this environment as well. Uh we've even, as you mentioned as well, got some of the advisory folks that have come in and helped audit some of this, even. Um so it's just been a team effort here at Infusion Points. And so uh to each and every one of them, I thank y'all. Hats off to y'all. Absolutely. And so, you know, discussing all this and talking about kind of the know how XBU 40 fits in. Let's talk about that a little bit from the customer's perspective. So, you know, what does this achievement of our Class C um 20X authorization or certification, what does that really mean for our customers that are looking to possibly leverage uh XBU 40 as a uh platform uh as a service for them uh and even their their product or application that they're looking to get into the federal market. So what does this really truly mean for them?

SPEAKER_01 22:27

Yeah so um you know we talked about earlier we've been doing 20x for a while and this it's this in the same way we've been doing FedRAMP for a while. And so the idea here is like you said it's a platform as a service. We're doing as much as we can in the FedRAMP space to make the assessment process and the compliance authorization process as fast as possible and as easy as possible for our customers. So um just like we used to in the Rev5 space we or as we continue to do in the Rev5 space alongside 20x, you know, we have our XP40 platform that is designed to cover X number of security controls. And the same exact way it's designed to cover you know vast majority of the key security indicators for the 20x path. Plus there's already the trust center dashboard there's already the 20x dashboard inside of the command center platform management tool that you talked about that already has all those KSIs in there. And all we need to do is just work with our customers during onboarding design some new KSIs that are just you know specifically applicable to their business cases or you know things that make them unique as a company or makes their application unique adapt those to KSIs get them added to the dashboard um and get them through the process and get them all get them certified. So um it's uh yeah I mean it like just you know I I hate to oversimplify it but you know that's really been our plan from the beginning is to continue to you know take our skills and our value as a company and move forward.

SPEAKER_00 23:52

I I think that that's that's it overall right what I what I'm hearing is it's it's just speed, right? We've done a lot of the legwork uh for the customers uh and and we've been through the process now right and it's it's been proven so it's just speed uh so for those customers or CSPs that are out there looking to step into this in a timely fashion um and and at the end of the day we understand as you opened up with right the the business case uh around this right time equals money we we all we all hear that we know that um and so uh we can help with that uh with xb 40 because it allows you to get into the market quicker uh allows you to hit the ground running uh because the platform has been designed uh we we like to say this at infusion points right uh we build with security in mind first so we have a secure platform uh we call it xb u 40 um it just happens to be compliant as well meaning bed ramp 20x compliant it's also revive compliant right so so we've we've checked a lot of the compliance boxes but we always lead with security and because we've been able to do that it's really allowed and benefited our customers with speed to market and so that's one of the things I feel like uh that's really gonna resonate out there um with 20x overall but for our uh platform here xb 40 in particular it really is just that speed to market and allowing our customers to pull up uh plug in to xb40 and start showing uh validations so so talking about uh a little bit about this right we've talked about the uh the certification now we've talked about the you know the some of the lessons learned and some of that you know one of the things that we're doing that's kind of unique here at Infusion Points we we did a webinar a couple weeks ago uh it's even been about a week ago now it's not that been that long uh we're really trying to help educate uh individuals out there and educate customers and organizations out there about 20x uh what it truly means because again compliance didn't get easier security didn't get easier right we're just presenting the data in a different way and so you already have to you still have to have this platform out there you have to have all this built within the environment it's just how you're presenting that data and so we're trying to demystify it if you will so we did webinar uh for this and had a lot of great comments a lot of receptive folks out there coming to us I know I had several messages I was inundated on LinkedIn with messages from uh individuals out there that truly loved the approach of of educate first and so uh I'm gonna make an announcement now uh that because of the the outpouring of support that we got from that we're actually gonna be hosting webinar number two coming up where we're doing the exact same thing. We're probably gonna dive in a little deeper level uh but in that webinar we're gonna talk a little bit more about the business approach uh and so the business aspects around that maybe a little lower level as to why organizations want to jump on board now uh and maybe what that path even looks like and what we recommend that path to look like for them, right? Maybe there's some different scenarios that they fit in. But then also uh one of the things I know that we're gonna be pretty excited about is we're gonna we're gonna show some uh I don't want to say the the secret sauce or anything like that, but we're gonna show how we solve for uh some of these KSIs so we're actually gonna dive into some of the KSIs we're gonna show how we solve for it with our platform but then we're also gonna talk about how um you know you guys out there could actually solve for this in within your environment. Look um there's there's no secrets to be had we want to we want to share this knowledge out there uh and we want to share uh our experience uh that we have in the FedRamp space and help our customers and help uh just anybody that tunes in be successful in this space right everybody's success uh in the the FedRamp space is a success that is shared across the the board right uh rising tide raises all ships we like to say that here at Infusion Points and so uh I'm excited about webinar too uh Tanner what date are we gonna be doing that on? We're gonna be doing that April the 28th yep yep so two weeks from tomorrow at time of recording so not at release check your calendar please uh but yeah we're very excited um if you were at our first webinar sneak peek we're gonna be talking about how you actually do the homework that we gave you from that first webinar so um yeah go back and watch first one if you haven't um it's available on YouTube and sure it'll be linked uh and this podcast description uh wherever you're reading this wrong or viewing this from so uh yeah we're very excited to continue to demystify as you say Ched oh yeah yeah and and with that I should say as well uh at the end of that webinar uh the first webinar uh there is a a kind of a quick look assessment out there that folks can go you can go to our xb u40.com website uh scroll down to the bottom you'll see quick look assessment uh fill out the the form there and then answer I believe it's about 23 questions about your environment um and it'll give you a scoring as to kind of where you're at in your 20x journey um it'll really help you understand uh what lays before you in your 20x path uh some areas you need to be looking on um and and so uh we're really excited about that as well got a lot of folks that are reaching out uh that have taken that quick look assessment said hey man I see that we're actually a little bit further along than what we even thought about uh you know what would it take to get us uh on down the path there so yeah uh really excited about the webinar number two coming up and um I definitely believe that um we'll continue to gain uh more and more traction for FedRamp as a whole uh and for 20x as a whole the more we share our our the knowledge of it right it's not about uh you look we're not selling anything or anything like that we're just looking to educate people uh people people need to understand that this is there's a benefit for our our uh 220x uh for for everybody so excited about that so Tander before we close real quick uh I'm gonna I'm gonna turn it over to you uh on this for we got we got some some recognitions I know we definitely want to uh get some shout outs to so uh yeah what what do you what do you got on the team recognition side man we got a whole list here at Infusion yeah yeah and everybody on the lead side of things so you know Gary Jason Mike Felicia uh Gerald Jeff um you know yourself chad asso you know just shout out everybody uh helping guide us and uh you know uh keeping us uh focused and you know all of the you know everybody's team leads as well like you know Wade and I you know Wade hasn't been as involved directly with 20x as I think he's as he would want to be but his team he's helped you know focus his team and uh protect his team from a resourcing perspective and everybody that's in the in the business of customer delivery understands that resourcing is everything.

SPEAKER_01 30:30

So you know if anybody on your team is a you know thinking Chris Eves and thinking Mike from an operations perspective you know keeping folks uh focused uh the advisory team you know that that's the team as as are my people uh you know as much as anybody else at a fusion points but shout out to the advisory team for um all of my bugging them and letting them know as I learn stuff for 20x that's still in flux that they've been they've they've pivoted and worked with our current customers and with prospects on that. Yeah and then especially like the 20x engineering and front end teams uh so guys like you know Alex has been on the podcast before but Alex Fernando Riley Nick um on the 20x engineering side of things actually developing those KSIs and tools like that self-service assessment tool that you mentioned Chad that's actually developed by the team that did um that did our KSI development so um it's it's by folks that have done it before um and then also like the front end team you know everything that makes all the pretty bells and whistles of our trust center uh so guys like Matt, uh Caleb Kay um you know Gavin Chris E's the rest of the development team uh it's been it's been a been a long journey uh and then it literally you know we we say this is a team win and we mean it you know even if folks have not been directly involved in 20x just letting us you know supporting other parts of the business so we can continue to be involved to 20x as it's pivoted and uh moved so quickly has been a major blessing for the team. So uh and then also you know shout out to um you know Fortrim as our assessor that's been very helpful for us as they've also been pivoting and figuring out what all this looks like and then um you know the PMO just being a partner it's been very refreshing completely different you know relationship with PMO than we've had in the past.

SPEAKER_00 32:11

Yeah I think I I speak for everybody in 20x you know not just us but the other participants during the 20x cohorts um they've gotten to really partner with the PMO the PMO wants to make this happen uh not just because they need to make it happen they they actually believe in this initiative um yeah yeah for sure and I I definitely want to throw out a shout out as well to the uh I know we we've already mentioned them right the operation side but even the the security operations guys so uh here at points we've got a security operations team that operates uh 365 247 and so uh Eric Rolls over there keeping that team uh operating and and and again really just allowing you and I to to help go go heads down in 20x and and drive this uh here at Infusion Points and as you mentioned as well the leadership team but Jason and Gary uh at Cheryl Felicia Mike uh Jeff all those uh individuals that have uh you know been so beneficial in steering the company this direction but again uh backing us 110% in all of our efforts here with the 20x path and driving it forward so yeah number one hey look just a huge shout out to the entire infusion points team hey another one that uh these folks they're they're behind the scenes probably the most important folks but uh how about the the media team here at Infusion Points does this right here right they're they're helping us produce these podcasts and get material out there um that's what's so important as well for our viewers um and anybody that's subscribing to us on LinkedIn and things like that right um that education that's coming out is coming from that team right there they're consulting with us saying hey uh you you need to do the podcast today you need to do a video today you need to do these things and get this out and so they're really driving us and so uh the unsung heroes if you will we really appreciate them as well Tanner uh man this has been amazing uh I know there's so much more that um we could we could ramble on about uh with this FedRamp 20x class C journey but uh I'm just excited to be able to share it with our audience and share it with the public uh we're we're excited to say that XBU 40 is FedRamp 20x uh Class C uh certified uh or moderate authorized whichever language you're still speaking uh and uh you know all these things as well that we've mentioned by the way the webinar uh the assessments uh link we're actually going to link those in the the description on this this podcast so feel free to go out there and check those things out um and then register for webinar number two that's coming up we we'd love to continue to hear from folks and we love to educate folks and help people grow in this 20x space so Tanner any closing uh remarks no I think we covered it all uh just for the I guess I'll wrap us up but uh thanks for joining us um yeah as always uh hit us up on all the socials you know uh hit the like button subscribe uh you you guys know the drill YouTube's been around long enough now but uh as always uh you can find us behind the shield thank you for joining us thanks all