Palantir Technologies Inc. (NASDAQ: PLTR), today announced it has achieved Cybersecurity Maturity Model Certification (CMMC) Level 2 through an assessment by a CMMC Third-Party Assessment Organization (C3PAO). CMMC Certification through C3PAO assessment reinforces Palantir's commitment to securing national defense data and supporting critical government missions. This certification validates Palantir's robust cybersecurity posture and its ability to handle Controlled Unclassified Information (CUI) for U.S. Department of War (DoW) contracts and other federal government programs.

The CMMC Level 2 certification demonstrates Palantir's implementation of the security requirements from National Institutes of Standards and Technology Special Publication (NIST SP) 800-171, confirming the company's ability to protect sensitive government data while supporting critical national security missions. This achievement builds upon Palantir's existing comprehensive portfolio of federal security authorizations, including FedRAMP High, DoD Impact Level 5 (IL5), and DoD Impact Level 6 (IL6) accreditations, reinforcing the company's position as a trusted partner for defense and intelligence agencies across all classification levels.

The CMMC program was established by the DoW to combat increasing cyber threats to the Defense Industrial Base (DIB) and ensure that contractors handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) meet stringent cybersecurity standards. CMMC Level 2 certification is particularly critical for organizations seeking to participate in DoW contracts involving CUI, as it demonstrates their ability to protect sensitive information from advanced cyber threats.

Empowering the Defense Industrial Base Through FedStart

Beyond Palantir's own CMMC compliance, the company is uniquely positioned to help other SaaS companies achieve federal compliance and access DoW opportunities through Palantir FedStart. By leveraging the groundwork Palantir has already laid, partners can bypass the complexity of federal certification and instead rely on FedStart’s streamlined, ready-made pathway to FedRAMP authorization and CMMC compliance. This allows them to focus on pursuing opportunities within the DoW, DIB, federal civilian agencies, and commercial markets that demand not only strong security but also require compliance.

Palantir FedStart is an offering that enables companies to run their SaaS applications in a secure, accredited environment to rapidly meet the compliance requirements of both Federal agencies and across the Department of War. Rather than independently investing significant time, money, and resources into compliance, SaaS companies can leverage Palantir's proven secure infrastructure and decades of government experience.

FedStart is a bridge for businesses with innovative technology that can benefit the Department of War. A common challenge is that these businesses often do not have the resources or time to build out the environments the DoW requires to operate. FedStart offers them the ability to leverage Palantir's expertise and proven credibility in running these environments and allowing those companies to focus on their core technologies instead.

For more information about Palantir’s efforts in empowering and securing America’s Defense Industrial Base, visit this article on the Palantir blog.

“This is another testament to Palantir’s commitment to security and compliance across our platform, protecting the nation’s most sensitive data and advancing its most critical missions.” — Akash Jain, President and CTO, Palantir Technologies

Palantir’s Security and Compliance

Palantir is recognized for its uncompromising commitment to security and regulatory compliance. Every aspect of Palantir’s platforms is designed with security-first principles, ensuring that sensitive data is protected at every stage. The company employs a defense-in-depth approach, integrating zero trust architecture, advanced threat detection, and continuous monitoring designed to safeguard critical information well beyond industry standards.

Palantir’s comprehensive portfolio of federal security authorizations including CMMC, FedRAMP High, DoD IL5, and DoD IL6 accreditations, reinforces its position as a trusted partner for defense and intelligence agencies across all classification levels. Notably, Palantir is one of only six cloud service providers to achieve IL6 accreditation. By investing heavily in secure architectures and robust compliance frameworks, Palantir not only protects its own government clients but also empowers the broader defense industrial base.

About Palantir Technologies Inc.

Software that dominates. Additional information is available at https://www.palantir.com.

Forward-Looking Statements

This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. These statements may relate to, but are not limited to, Palantir’s expectations regarding the expected benefits of our software platforms and any associated certifications. Forward-looking statements are inherently subject to risks and uncertainties, some of which cannot be predicted or quantified. Forward-looking statements are based on information available at the time those statements are made and were based on current expectations as well as the beliefs and assumptions of management as of that time with respect to future events. These statements are subject to risks and uncertainties, many of which involve factors or circumstances that are beyond our control. These risks and uncertainties include our ability to meet the unique needs of our customers; the failure of our platforms to satisfy our customers or perform as desired; the frequency or severity of any software and implementation errors; our platforms’ reliability; and our customers’ ability to modify or terminate their contract. Additional information regarding these and other risks and uncertainties is included in the filings we make with the Securities and Exchange Commission from time to time. Except as required by law, we do not undertake any obligation to publicly update or revise any forward-looking statement, whether as a result of new information, future developments, or otherwise.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250917662048/en/