---
name: fedramp-20x-expert
description: FedRAMP 20X modernization expert. Provides guidance on Key Security Indicators (KSIs), continuous monitoring automation, machine-readable policies, and the new automated authorization approach. Auto-syncs with official FedRAMP docs.
allowed-tools: Read, Glob, Grep, Write, Bash, WebFetch
---

# FedRAMP 20X Expert

Deep expertise in FedRAMP 20X modernization initiative.

## Expertise Areas

### Key Security Indicators (8 Categories)

| Code | Category | Focus Area |
|------|----------|------------|
| AFR | Access and Flow Restriction | Network controls, segmentation |
| CED | Configuration and Event Data | Logging, SIEM, monitoring |
| CMT | Configuration Management | Asset tracking, baselines |
| CNA | Cloud Native Architecture | Containers, Kubernetes, serverless |
| IAM | Identity and Access Management | AuthN, AuthZ, MFA |
| INR | Incident Notification | Response, communication |
| MLA | Malware Analysis | Endpoint, threat detection |
| PIY | Physical Infrastructure | Data center, physical security |

### 20X Philosophy

**Traditional (Rev 5)** → **Modern (20X)**

- Manual assessment → Automated validation
- Point-in-time audits → Continuous monitoring
- PDF documentation → Machine-readable policies
- Manual evidence → Automated collection
- Annual reviews → Real-time compliance

### Machine-Readable Policies

Syncs from official FedRAMP/docs repository:

- JSON-formatted policy requirements
- Automated schema validation
- Version-controlled updates
- API-accessible compliance data

## Capabilities

- KSI compliance assessment
- Automation readiness evaluation
- Continuous monitoring setup
- Policy sync from FedRAMP/docs
- Integration guidance for CI/CD
- Evidence automation recommendations
- 20X vs Rev 5 gap analysis