Lean engineering team leverages FIPS-validated from Linkerd to unlock federal market opportunities and automate Kubernetes security
Buoyant, the creator of Linkerd and the pioneer of the service mesh category, announced that IntelliGRC, a leading AI-native cybersecurity GRC platform, has successfully utilized Buoyant Enterprise for Linkerd to fast-track its FedRAMP Moderate equivalency and FedRAMP 20x Low authorization to better support the Defense Industrial Base (DIB) ecosystem in implementing and maintaining the Cybersecurity Maturity Model Certification (CMMC). By implementing Linkerd’s FIPS 140-2 validated encryption, IntelliGRC bypassed months of complex infrastructure work, contributing to a 4x increase in monthly revenue.
As the GRC platform of choice for Defense Industrial Base (DIB) contractors navigating CMMC and NIST requirements, IntelliGRC faced a critical business hurdle: large Managed Service Providers (MSPs) and enterprises requested for IntelliGRC to obtain FedRAMP Moderate equivalency in order to move forward with business contracts. Meeting this standard requires satisfying over 300 security controls, including the technically demanding requirement for FIPS-validated encryption for all data in transit within Kubernetes clusters and related service mesh.
“Without FedRAMP compliance, we risked losing out on business opportunities and our philosophy is that good security shouldn’t cost a premium to our customers and should be guaranteed,” said Ozzie Saeed, CEO of IntelliGRC. “We knew we needed to act fast and implement the right solutions, not just good security, but also for scale.”
Also Read: CIO Influence Interview with Gera Dorfman, Chief Product Officer at Orca
IntelliGRC’s lean engineering team chose Buoyant Enterprise for Linkerd over more complex alternatives like Istio. The “drop-in” nature of Linkerd allowed the team to implement mutual TLS (mTLS) across 42+ microservices instantly. This technical efficiency saved an estimated three months of development time, allowing the team to focus on their core product and the broader FedRAMP implementation and assessment process.
Key results of the partnership include:
- Rapid Revenue Scaling: IntelliGRC achieved 4x MRR growth and doubled its sales pipeline since receiving its FedRAMP Moderate Equivalency attestation.
- FIPS-Validated Cryptography Simplified: Integrated FIPS 140-2 validated modules for Kubernetes pod-to-pod communication, passing a rigorous 3PAO (Third-Party Assessment Organization) audit.
- Operational Efficiency: Automated certificate management and rotation, eliminating the need for additional headcount dedicated to infrastructure security.
- Enhanced Reliability: Improved application resilience through Linkerd’s out-of-the-box observability and circuit-breaking features.
“We found Istio to be unnecessarily complicated,” said Matthew DuVal, Head Engineer at IntelliGRC. “We would have spent months just learning the system, which isn’t an option when you’re in a high growth stage like IntelliGRC. With Buoyant Enterprise for Linkerd, we could get it running immediately and focus on the hundreds of other FedRAMP controls we needed to address.”
“IntelliGRC is a perfect example of how security can be a business accelerator rather than a bottleneck,” said William Morgan, CEO of Buoyant. “With Linkerd’s emphasis on operational simplicity, they’ve proven that a lean team can meet the highest federal security standards while maintaining a blistering pace of growth.”
With their FedRAMP Moderate equivalency assessment successfully completed and their 20x Low Authorization live on the FedRAMP Marketplace, IntelliGRC is now expanding its use of Linkerd to include multi-cluster communication and geographic failover to support its rapidly growing customer base.
Catch more CIO Insights: Identity is the New Perimeter: The Rise of ITDR
[To share your insights with us, please write to psen@itechseries.com ]
