Accessibility Tools

Skip to main content

Access World-Class NIST RMF Documentation with ASP Learn More

DoD Cloud Security



Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA) cloud security consulting, compliance services.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

SCuBA Technical Reference Architecture (TRA) Cloud Security Consulting Services

Funded through the American Rescue Plan Act of 2021, the Secure Cloud Business Applications (SCuBA) project was established to develop consistent, effective, modern, and manageable security configurations for helping secure federal agency information assets stored within cloud environments. Through ongoing dialogue and collaboration with industry and government stakeholders, the Cybersecurity and Infrastructure Security Agency (CISA) has put forth two initial guidance documents as a part of the SCuBA project, which collectively will help federal agencies in adopting much-needed security and privacy practices when utilizing cloud services. With Arlington, we offer industry leading cloud security solutions for AWS, Microsoft Azure, Google Cloud, Salesforce, and more.

SCuBA Technical Reference Architecture (TRA)

Per CISA, “The purpose of the SCuBA Technical Reference Architecture (TRA) is to provide context, standard views, and terminology that incorporate and align all SCuBA efforts. The SCuBA TRA is product and vendor agnostic and is consistent with other federal, DHS, and CISA reference architectures (RAs). The SCuBA TRA is based upon the Cloud Security TRA published by CISA, the United States Digital Service, and the Federal Risk and Authorization Management Program (FedRAMP).”

The Extensible Visibility Reference Framework (eVRF) Guidebook

Per CISA, “The purpose of the extensible Visibility Reference Framework (eVRF) is to provide a framework for organizations to identify visibility data that can be used to mitigate threats, understand the extent to which specific products and services provide that visibility data, and identify potential visibility gaps.”

How Arlington Can Assist with SCuBA

Technical Assistance with SCuBA Security Requirements: SCuBA provides a comprehensive list of requirements relating to securing cloud business applications. Such requirements are essential for helping ensure the Confidentiality, Integrity, and Availability (CIA) of an organization’s cloud infrastructure. With years of working with cloud environments, Arlington has the expertise in helping ensure full compliance with the relevant SCuBA security sections.

Policies and Procedures: Developing well-written, comprehensive security documentation is critical for ensuring compliance with the stated SCuBA framework. With Arlington, we offer a wide-range of customized policy, program, and plan development writing services for helping ensure you have the best documentation possible.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Related Services

Corresponding Case Studies

Why Arlington?

Decades of Defense Industry Expertise. Recognized leaders in all things DoD. World-Class Arlington Security Portal (ASP).

Passion. Integrity. Innovation. Impact.