NORTH WILKESBORO, NC / ACCESS Newswire / April 10, 2026 / InfusionPoints today announced it has achieved FedRAMP 20x Class C (Moderate), marking a significant milestone in the evolution of federal cloud security authorization and reinforcing the company's leadership in automation-first, continuous compliance.

This achievement is powered by XBU40 Platform-as-a-Service, InfusionPoints' security focused, automation-driven cloud platform built on AWS GovCloud helps organizations accelerate authorization while maintaining real-time, audit-ready compliance. XBU40 unifies secure infrastructure, centralized system management through Command Center, and automated evidence validation via AuditShield to deliver live, KSI-driven security data sourced directly from operational systems.

What Does This Mean for Organizations Using XBU40?

InfusionPoints' FedRAMP 20x Class C achievement is more than a compliance milestone it represents an operational advantage for agencies and cloud service providers adopting the XBU40 platform.

With XBU40, organizations gain:

• A faster path to federal market entry

• Reduced compliance cost and complexity

• A continuous, audit-ready security posture aligned to real-world risk

By unifying secure hosting, vulnerability management, and continuous validation in a single platform, "InfusionPoints' XBU40 FedRAMP 20x Class C (Moderate) achievement is a business accelerator enabling our customers to enter the federal market faster, reduce compliance friction, and scale with confidence through continuous, verifiable security" said Jason Shropshire, COO. "XBU40 enables our clients to leverage a secure platform while accelerating their paths to their required compliance outcome, whether FISMA, FedRAMP, DoD IL4/IL5, DoD RMF or CMMC."

The FedRAMP 20x shift

FedRAMP 20x represents a fundamental modernization of the traditional FedRAMP model, shifting away from static, document-heavy assessments toward machine-verifiable evidence, continuous risk visibility, and real-time security validation. With its FedRAMP 20x Class C (Moderate) achievement, InfusionPoints is demonstrating how cloud service providers and federal agencies can move faster into the federal market while maintaining strong, transparent, and measurable security outcomes.

"FedRAMP 20x is not just an incremental improvement it's a fundamental shift in the way CSPs demonstrate their security & compliance in modern, cloud native environments," said Tanner Bailey, FedRAMP 20x Program Manager.

"FedRAMP 20x confirms what we've believed all along, real security isn't static, it's continuously validated. Risk should be measurable in real time, and compliance should be the outcome of good security engineering, not paperwork done well. XBU40 proves that by showing security as it actually runs, and not relying on how it's documented" said Chad Spears, CISO.

What FedRAMP 20x Class C (Moderate) Means

FedRAMP 20x introduces an automation-first authorization approach that emphasizes:

• Machine-readable evidence sourced directly from live systems

• Key Security Indicators (KSIs) that reflect real operational risk

• Continuous validation instead of episodic or annual recertification events

• Reduced authorization friction without compromising rigor or transparency

The Moderate baseline expands these capabilities to support systems handling sensitive federal data, enabling agencies to make faster, risk-based authorization decisions backed by continuously updated security telemetry.

Built for the Future of Federal Cloud

InfusionPoints has spent years supporting federal agencies, cloud service providers, and assessment organizations across complex frameworks including FedRAMP, FISMA, CMMC, and ISO 27001. Its FedRAMP 20x Class C (Moderate) achievement reflects a broader strategy to move federal security programs from legacy, document-driven compliance toward scalable, engineering-led models aligned with modern DevSecOps practices.

As FedRAMP 20x continues to evolve, InfusionPoints remains actively engaged in helping cloud providers and assessment organizations transition from traditional authorization approaches to continuous authorization models designed for speed, scale, and resilience.

About InfusionPoints

InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

For more information about InfusionPoints and its FedRAMP 20x capabilities, visit www.infusionpoints.com or visit our FedRAMP Marketplace listing at https://www.fedramp.gov/marketplace/products/FR2525557617/.

Felisha Daemer
VP Public Sector
Felisha.Daemer@infusionpoints.com
336.990.0252

SOURCE: InfusionPoints, LLC