When an agency brings an application into the FPC PaaS, the application immediately inherits full compliance with 86% of all FedRAMP controls. This compares to the 16% compliance an application would inherit if they deployed in their own Azure or AWS subscription.
Project Hosts also provides additional application-specific services above the PaaS layer. These include creation of an application-specific SSP and POA&M, monthly vulnerability scanning and patching, and annual penetration testing by a 3PAO. The result is turnkey FedRAMP compliance at the application level.