Security Automation Simplified via NIST OSCAL - We’re Not in Kansas Anymore

RSA Conference via YouTube

Overview

Explore the NIST Open Security Controls Assessment Language (OSCAL) project in this 43-minute conference talk from RSA Conference. Discover how OSCAL simplifies security automation by standardizing control, implementation, and assessment information using an open, machine-readable format. Learn to leverage automation for securing systems against multiple standards, understand OSCAL's design and applications, and find out how to contribute to this emerging standard. Delve into the OSCAL Catalog Model, Profile Model, and Implementation Model, and grasp their significance in addressing the complexities of various security standards like COBIT, ISO/IEC 27001, NIST 800-53, and PCI. Gain insights from experts Anil Karmel and David Waltermire on overcoming major challenges in security controls assessment and implementing OSCAL effectively in your organization.

Syllabus

Intro
Major challenges in security controls assessment
What is OSCAL?
OSCAL goals
A note about terminology
OSCAL Workflow
Phased Development of OSCAL
The OSCAL Catalog Model
The OSCAL Catalog Format - Other Features
OSCAL Catalog Example
The OSCAL Profile Model
OSCAL Profile Example
The OSCAL Profile Format - Other Features
The OSCAL Implementation Model
Remaining Work
Why Does this All Matter?
Summary
Apply What You Have Learned Today
Questions and Answers

Taught by

RSA Conference
