Security Benchmark Course

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Security Benchmark Course

Boczenowski, Steve

For the past several years, The MITRE Corporation has supported a government-sponsored System Security Analysis project by producing XCCDF benchmarks.  While the utility of benchmarks is clear, their creation is often difficult and time consuming.  The difficulties begin in the security guidance phase with inconsistencies and ambiguities in documenting security recommendations and supporting data, and they continue to the automation phase in finding the configuration data needed to construct the OVAL definitions.

MITRE has developed experiential knowledge and expertise in developing and managing standards-based security content, as well as a suite of security content management tools that can help anyone attempting to develop security guidance.  We have packaged this all up in a one-day course and we’d like to share it with the community.

Please contact me if you would be interested in taking such a course later this summer.

 

Steve

-------------------------------------

Stephen P. Boczenowski

 

The MITRE Corporation

 

Office: 781-271-7682

Cell: 978-302-3849

[hidden email]

 

Making Security Measurable

------------------------------------------

http://oval.mitre.org/

http://cve.mitre.org/

http://cpe.mitre.org/

 

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].