Black Duck initiates FedRAMP authorization for Polaris platform

Black Duck initiated the Federal Risk and Authorization Management Program (FedRAMP) Moderate authorization process for its Black Duck Polaris Platform and entered into an agreement with stackArmor to support the effort, a step the company said was meant to expand its U.S. federal cloud services and enable adoption by federal agencies.

Black Duck framed the activity as part of expanding its U.S. federal cloud services and delivering secure, compliant cloud solutions to federal agencies, noting the move aligned with efforts to make Polaris available through the FedRAMP Marketplace.

FedRAMP Moderate was described in the release as a standardized framework for security assessment, authorization, and continuous monitoring to streamline adoption of trusted cloud solutions across government agencies. The companies identified stackArmor as a FedRAMP engineering and advisory firm with pre-built security frameworks and automation intended to support authorization work.

Black Duck and stackArmor said they had agreed to fast-track the Polaris authorization by applying stackArmor's expertise and security frameworks; the release also stated that stackArmor had guided over 60 cloud service providers through compliance work that resulted in Authorization to Operate certification.

“We're not just pursuing FedRAMP approval—we're redefining how federal agencies secure their applications in the cloud,” said Jason Schmitt, CEO of Black Duck. “Polaris will give government customers the flexibility and confidence they demand, aligning with the federal mandate to modernize IT and eliminate the burden of on-premises systems. This is about delivering security at speed, scale, and certainty.”

Black Duck targeted FedRAMP “In Process” status by June 2026 and a listing in the FedRAMP Marketplace.