Biden’s FedRAMP 20x pilot speeds up cloud approvals as Federal agencies embrace faster IT shift

For more than a decade, getting a cloud service certified for U.S. government use has been a slow, sometimes painful process. Timelines stretched beyond a year, testing the patience of agencies and vendors alike. Now, that bottleneck is breaking. The General Services Administration (GSA) says it has approved 114 cloud services in the first months of fiscal year 2025, already more than twice last year’s total.

Driving this surge is FedRAMP 20x, a Biden-era pilot program that rethinks the Federal Risk and Authorization Management Program from the ground up. Since 2011, FedRAMP has been the government’s gatekeeper for evaluating the security of cloud services. The framework offered some structure, sure, but it dragged its feet—leaving agencies hanging, waiting on tech they needed yesterday.

With the 20x pilot, rolled out after the OMB’s 2024 directive, things are finally speeding up. The main goals? Slash documentation requirements, automate review processes, and accelerate decision-making, all while keeping security standards solid. Now, vendors have to deliver critical security data in machine-readable formats—no more slogging through manual checks. It’s about time. Artificial intelligence runs a first pass on the information, flagging issues for human reviewers, which shaves months off the approval cycle.

Pete Waterman, who heads FedRAMP, said the results so far prove speed and security can work together. Phase one of the pilot is currently testing low-impact applications and will close to new submissions on August 19. Phase two will raise the stakes by including moderate-impact applications, bringing higher-security environments into the program while collecting feedback to refine the process further.

Although this acceleration carries the Biden administration’s imprint, the groundwork for centralized federal technology buying came during the Trump years. At that time, procurement shifted to government-wide contracts that let agencies buy from vetted vendors without launching separate bidding rounds.

Together, those earlier reforms and today’s FedRAMP 20x initiative are changing how Washington buys and approves technology. Agencies now have a realistic chance of getting secure, compliant cloud services in weeks instead of years, opening the door for faster modernization across the federal landscape.