Behind the Shield- Episode 9

In this episode of Behind the Shield, host Gary Daemer, CEO of InfusionPoints, sits down with Felisha Daemer, VP of Public Sector and one of the driving forces behind the company’s culture and growth.

Felisha shares her personal journey from college intern to executive leadership — and how being “humble, hungry, and smart” became the foundation of InfusionPoints’ hiring philosophy and team success. Together, Gary and Felisha reflect on what it means to stay scrappy and authentic in the cybersecurity world, how InfusionPoints built its culture of grit and continuous learning, and what makes their internship program a true pipeline for future leaders.

They also discuss current trends in federal cybersecurity and FedRAMP 20x, from “doing it live” compliance to solving agencies’ “hair-on-fire” problems through automation and trust-center visibility.

🎧 Topics Covered:

Felisha’s journey from intern to VP of Public Sector

The father–daughter dynamic in leadership

The “Ideal Team Player” philosophy: humble, hungry, and smart

InfusionPoints’ internship pipeline and culture of growth

What “scrappy” means in cybersecurity and compliance

How FedRAMP 20x and automation are reshaping public sector security

➡️ Subscribe for more Behind the Shield episodes featuring stories, strategies, and insights from the people building, managing, and defending secure cloud environments.

Behind the Shield- Episode 7

In this episode of Behind the Shield, we’re joined by Tim Sandage, Head of AWS Global Security & Compliance Acceleration, to explore how automation, AI, and platform-driven design are reshaping the future of cloud compliance.

Tim sits down with Gary Daemer and Jason Shropshire of InfusionPoints to discuss the evolution from static audits to continuous validation—and what it really takes to build trust in an automated world.

🔹 How FedRAMP 20x is changing the path to authorization
🔹 Why “Security by Design” remains essential in the AI era
🔹 Continuous audit vs. annual audit panic
🔹 Platform-driven compliance and opinionated architectures
🔹 Balancing automation with human oversight and trust

If you’re navigating FedRAMP, CMMC, or enterprise-grade security frameworks, this episode highlights the real-world strategies AWS and InfusionPoints use to accelerate compliance without compromising assurance.

🎧 Listen now to see how automation and AI are transforming the next era of security and compliance.

#BehindTheShield #FedRAMP20x #AWS #CloudSecurity #ContinuousCompliance #Automation #AI #Cybersecurity #InfusionPoints #SecurityByDesign

Behind the Shield- Episode 6

In this episode of Behind the Shield, Jason Shropshire and Gary Daemer connect history, innovation, and compliance. What can the fall of Constantinople teach us about modern cybersecurity and FedRAMP 20x?

They explore why traditional “walls and moats” thinking no longer works in today’s cloud world, how compliance pipelines are changing the game, and why automation—not screenshots—is the future of assurance.

You’ll hear how InfusionPoints’ platforms like XBU40, XccelerATOr, and AuditShield are helping customers move from static audits to continuous validation—and how FedRAMP 20x is leading that transformation.

Topics include:

What “walls and moats” have to do with compliance

Why continuous validation beats point-in-time audits

The rise of compliance pipelines under FedRAMP 20x

Platform vs. GRC approaches in federal cybersecurity

Hosted by: Jason Shropshire & Gary Daemer
🎧 Subscribe for more Behind the Shield episodes on FedRAMP 20x, cloud security, and compliance innovation.

Click here to read the blogs: 
https://infusionpoints.com/blogs/rethinking-walls-and-moats-cybersecurity-and-compliance
https://infusionpoints.com/blogs/opinionated-design-why-platform-plus-grc-wins-fedramp20x

#fedramp20x #compliance #grc

Behind the Shield- Episode 5 

Meet our new VP of Customer Success, Jeff Bivens. Jeff shares his path from late-90s client-server to SaaS, through a Dell acquisition and multiple ATOs, to why he joined InfusionPoints now. We dig into how strong program management turns compliance into momentum, how FedRAMP 20x can lower barriers without lowering security, and why “customer success” in public sector means repeatable outcomes, faster audits, and durable trust. We also touch on AI’s role in detection and operations, evergreen company values, and what changes when a services firm becomes a true cloud service provider.

What you’ll learn:

How SaaS delivery, faster releases, and customer feedback loops shaped Jeff’s approach

Lessons from taking platforms through Low and Moderate ATOs with speed and cost control

Why FedRAMP 20x matters for automation, machine-readable controls, and audit reuse

The program management skills that keep complex portfolios on track

How Customer Success aligns security outcomes, business value, and long-term relationships

Highlights

From support queues to SaaS startup life in Austin

Dell and the pivot to cloud offerings

Two ATOs in two years and what changed

Using compliance to improve engineering hygiene and costs

Evergreen culture, coaching, and building teams that last

Subscribe for more Behind the Shield conversations on building, managing, and defending in the federal cloud.

Behind the Shield- Episode 4:
FedRAMP 20x, KSIs, and the End of Screenshots (with Fortreum’s Ethan Troy & InfusionPoints’ Tanner Bailey)

In this episode we explore how FedRAMP 20x is changing audits. Instead of relying on screenshots, auditors now focus on scripts, APIs, and code logic. Host Gary Daemer sits down with InfusionPoints’ Tanner Bailey and Fortreum’s Ethan Troy to talk about KSIs, Trust Centers, and the skills auditors need for the future.

What you’ll learn:

Why screenshots are being replaced with automated, repeatable checks

How KSIs and themes make audits clearer and faster

Trust Centers built on JSON and Markdown instead of PDFs

Why auditors must understand Python, Linux, networking, and infrastructure as code

How InfusionPoints is building AuditShield and Command Center to support FedRAMP 20x

Host: 
Gary Daemer – CEO and Founder of InfusionPoints
Guests:
Ethan Troy – Assessor at Fortreum, focused on technical audits and code review
Tanner Bailey – Advisory team lead at InfusionPoints and coordinator for the 20x project

Subscribe for more conversations on FedRAMP, audit automation, and the future of cloud security.

#FedRAMP #FedRAMP20x #AuditAutomation #CloudSecurity #InfusionPoints #Fortreum

 Behind the Shield - Episode 3: 
Meet one of our hosts, Chad Spears (Director of Security Operations at InfusionPoints), as he sits down with Gary Daemer to talk about the journey from hands-on IT to leading a modern SOC, the power of automation, and how FedRAMP 20x is reshaping audits, evidence, and continuous monitoring.

What you’ll learn

How a major ransomware event shaped Chad’s approach to defense and incident response

Why we split Security Operations and Security Engineering to scale outcomes

The origin of AuditShield and what “automated evidence collection” looks like in practice

The core goals of FedRAMP 20x: automation, inheritance, continuous monitoring, trust, and faster innovation

Phase 1 lessons and our path into Phase 2 (Moderate), including KSI validation, self-healing remediations, and significant change notifications

How Command Center, Trust Center, and VDR (“Vader”) tie into faster ATOs and better agency confidence

Subscribe for more conversations on FedRAMP, automation, and security engineering.
Watch, comment, and tell us what you want covered next.

Behind the Shield – Episode 2: 
In our first episode featuring a guest, hosts Jason Shropshire and Jason Redding sit down with a public-sector security leader, Said Syed, CISO Snyk for Government, to unpack the real story behind FedRAMP—from the messy early days and the shared-responsibility model, to today’s accelerated authorizations and the 20x roadmap. We cover hard-won lessons, how process (not just tech) slows teams down, what RC-12 means for vulnerability reality checks, and where AI, KSIs, and agency expectations are heading next.

What you’ll learn:

How early cloud providers navigated FedRAMP before inheritable controls were common

Why the process—and acceptance criteria—trips up most teams more than technology

The shift from Rev4 → Rev5 and how to plan upgrades without derailing product roadmaps

20x Phase 1 outcomes, the move to Moderate (Phase 2), and what faster ATOs mean for SaaS

RC-12, “reachable ≠ accessible,” and pushing back on non-applicable vulns with evidence

Practical ways to use opinionated architectures, automation, and live evidence collection

Sensible guardrails for AI features in regulated environments

Mentioned:

Snyk Government: security in modern DevSecOps pipelines

InfusionPoints XBU40 + Command Center + AuditShield: “audit-ready, always-on” compliance

FedRAMP Day at GSA and growing marketplace velocity


Subscribe for new episodes on FedRAMP 20x, ATO strategy, and real-world build/manage/defend tactics coming out every Tuesday.

Have a FedRAMP question? Drop it in the comments or reach out to InfusionPoints. 

#fedramp #fedramp20x #govcloud #ATO #GRC #cybersecurity #devsecops #snyk #infusionpoints

Links:
• Learn more about InfusionPoints: https://infusionpoints.com/
• Learn more about Snyk: https://snyk.io/
• Connect with us on LinkedIn: https://www.linkedin.com/company/infusionpoints

Behind the Shield- Episode 1: 
In the premiere episode of Behind the Shield, hosts Gary Daemer (CEO of InfusionPoints) and Jason Shropshire (COO) share the story of InfusionPoints’ journey from its early federal and commercial projects to becoming a leader in cloud compliance and security engineering. They discuss how the rise of FedRAMP in 2012 pushed the team to pioneer automation, compliance-as-code, and platform engineering long before it became industry standard.
Listeners will hear candid stories about the “hardware days” of building compliant systems, the painful lessons learned from InfusionPoints’ first customers, and how those experiences fueled the creation of the XccelerATOr platform—a solution that helps SaaS providers accelerate their ATO journey. The conversation also dives into the evolution of platform engineering, opinionated architectures, and the Command Center, InfusionPoints’ “crown jewel” for managing compliance, risk, vulnerabilities, and evidence in a single pane of glass.
This episode sets the stage for the Behind the Shield series: authentic conversations about the challenges, innovations, and future of federal cloud security and compliance—with insights drawn from real-world engineering, not just theory.