Information Security News mailing list archives
NIST, DHS push security automation to the next stage
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 21 Jun 2013 09:24:48 +0000 (UTC)
http://gcn.com/articles/2013/06/17/nist-dhs-push-security-automation.aspx By William Jackson GCN.com June 17, 2013The future of network security is automation, using various tools to monitor systems and network traffic for signs of trouble, alert administrators and even respond to attacks on their own. Automation can handle jobs that otherwise would have to be done by IT staff members, who are then freed up for other tasks.
Agencies face challenges in getting to an automated environment, however, whether because of tight budgets, complex systems or automated tools that don’t necessarily work together. The federal government is supporting the effort by developing the standards that are necessary for interoperable tools and offering intrusion detection and prevention as a service to agencies.
SCAPThe government is working to create a standards-based security environment through the Security Content Automation Protocol (SCAP), a suite of interoperable specifications developed at the National Institute of Standards and Technology in collaboration with the public- and private-sector security community.
Although NIST’s agenda for security automation goes beyond vulnerability management, SCAP in its present form, Version 1.2, deals primarily with endpoint compliance for configuration requirements. The specifications, contained in Special Publication 800-126, support automated configuration, vulnerability and patch checking, technical control compliance and security measurement.
[...]
_______________________________________________ ISN mailing list ISN () lists infosecnews org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org
Current thread:
- NIST, DHS push security automation to the next stage InfoSec News (Jun 21)