I have a strong professional interest in an open source automated Threat and Risk Management tool call SCAP - Security Content Automation Protocol. It has an foundational infrastructure based on some open source, well documented infrastructure features, XML, and exisiting Threat-related tools such as the CVE.
This is the link to the book I am reading about this. I am at the beginning of my learning experience in this area. Security Automation Essentials: Streamlined Enterprise Security Management and Monitoring with SCAP
As we move forward in this course, I felt strongly that there could be a big benefit if I was allowed to pursue the study and application of SCAP, where possible, and share this information with you, and my fellow students in this class.
After asking for permission to dive into this topic, I was granted permission to study as my special topic for this course.
One final thought, the efficiencies and thoroughness of the content that SCAP helps an organization automate and manage makes it very attractive for organizations that are resource-constrained and forced to do more with less people and smaller budgets.
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
CYBR 650 Blog: http://cybr650.blogspot.com
slater@billslater.com
williamslater@gmail.com
http://billslater.com/career
Chicago, IL
United States of America
No comments:
Post a Comment