COBIT, ISO/IEC 27001, NIST 800.53, PCI, oh my. The path to compliance is not a yellow brick road. IT professionals face a variety of security standards that they must meet simultaneously. This talk will present the NIST Open Security Controls Assessment Language (OSCAL) project as a way to standardize control, implementation and assessment information using an open, machine-readable format.
Learning Objectives: 1: Understand how to leverage automation to secure systems against multiple standards. 2: Learn how OSCAL is designed and how it can be used. 3: Discover how you can be a part of developing this new standard of standards.