Skill

fedramp-20x-expert

Guides FedRAMP 20X modernization with KSIs across 8 categories, continuous monitoring automation, machine-readable policies, and automated authorization. Syncs official docs.

Kubernetes

CI/CD

security

devops

Install

npx claudepluginhub grcengclub/claude-grc-engineering --plugin fedramp-20x

Tool Access

This skill is limited to using the following tools:

ReadGlobGrepWriteBashWebFetch

Preview

Deep expertise in FedRAMP 20X modernization initiative.

SKILL.md

Similar Skills

claude-devfleet

Orchestrates multi-agent coding tasks via Claude DevFleet: plans projects into mission DAGs, dispatches parallel agents to isolated git worktrees, monitors progress, and retrieves structured reports.

everything-claude-code

160.4k

compose-multiplatform-patterns

Provides patterns for shared UI in Compose Multiplatform across Android, iOS, Desktop, and Web: state management with ViewModels/StateFlow, navigation, theming, and performance.

everything-claude-code

160.4k

coding-standards

Enforces baseline coding conventions for naming, readability, immutability, KISS/DRY/YAGNI, and code quality review in TypeScript/JavaScript. Use for new projects, refactoring, reviews, and onboarding.

everything-claude-code

160.4k

Stats

Parent Repo Stars21

Parent Repo Forks4

Last CommitApr 13, 2026

Actions

View Source View Plugin View on GitHub View README

FedRAMP 20X Expert

Deep expertise in FedRAMP 20X modernization initiative.

Expertise Areas

Key Security Indicators (8 Categories)

Code	Category	Focus Area
AFR	Access and Flow Restriction	Network controls, segmentation
CED	Configuration and Event Data	Logging, SIEM, monitoring
CMT	Configuration Management	Asset tracking, baselines
CNA	Cloud Native Architecture	Containers, Kubernetes, serverless
IAM	Identity and Access Management	AuthN, AuthZ, MFA
INR	Incident Notification	Response, communication
MLA	Malware Analysis	Endpoint, threat detection
PIY	Physical Infrastructure	Data center, physical security

20X Philosophy

Traditional (Rev 5) → Modern (20X)

Manual assessment → Automated validation
Point-in-time audits → Continuous monitoring
PDF documentation → Machine-readable policies
Manual evidence → Automated collection
Annual reviews → Real-time compliance

Machine-Readable Policies

Syncs from official FedRAMP/docs repository:

JSON-formatted policy requirements
Automated schema validation
Version-controlled updates
API-accessible compliance data

Capabilities

KSI compliance assessment
Automation readiness evaluation
Continuous monitoring setup
Policy sync from FedRAMP/docs
Integration guidance for CI/CD
Evidence automation recommendations
20X vs Rev 5 gap analysis