You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This idea has come up several times in the community now, but no one has shown a clear example yet. I would like some feedback on what tooling people are or will use as evidence in an OSCAL component to seed an assessment plan or to just include in the OSCAL component to embed in a SSP, and show reference ideas of how an OSCAL component will use extensions. This relates to current enhancement work after the 1.0.0-rc1 release in usnistgov/OSCAL#825 and ongoing discussion in usnistgov/OSCAL#658, which seems to rationalize the extension model.
Really want community feedback here, as this is about how people need to learn to annotate OSCAL components with additional info and integrate it into internal security tooling.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
This idea has come up several times in the community now, but no one has shown a clear example yet. I would like some feedback on what tooling people are or will use as evidence in an OSCAL component to seed an assessment plan or to just include in the OSCAL component to embed in a SSP, and show reference ideas of how an OSCAL component will use extensions. This relates to current enhancement work after the 1.0.0-rc1 release in usnistgov/OSCAL#825 and ongoing discussion in usnistgov/OSCAL#658, which seems to rationalize the extension model.
Really want community feedback here, as this is about how people need to learn to annotate OSCAL components with additional info and integrate it into internal security tooling.
Beta Was this translation helpful? Give feedback.
All reactions