CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment

CISA has released draft versions of two guidance documents—along with a request for comment (RFC)that are a part of the recently launched Secure Cloud Business Applications (SCuBA) project:

  • Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA) 
  • Extensible Visibility Reference Framework (eVRF) Program Guidebook 

The public comment period for the RFC guidance documents closes on May 19, 2022.

In accordance with Executive Order 14028, which is aimed at improving security for federal government networks, CISA’s SCuBA project aims to develop consistent, effective, modern, and manageable security that will help secure agency information assets stored within cloud operations.  

CISA encourages interested parties to review the RFC guidance documents and provide comment. See CISA Blog: SCuBA? It means better visibility, standards, and security practices for government cloud for more information and for links to the RFC guidance documents. 

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we'd welcome your feedback.