The National Cybersecurity Center of Excellence (NCCoE) has drafted the first of several building blocks addressing continuous monitoring. You can download the draft below. The draft building block is published here so that interested members of the public can comment.
The comment period is open until January 17, 2014. Please send your comments to email@example.com. The document will be revised accordingly and reposted here.
This building block will demonstrate software asset management capabilities by focusing on accurate, timely data collection and secure exchange of software inventory data from computing devices. The software asset management functionality demonstrated by this building block may be used as part of a larger continuous monitoring capability supporting basic situational awareness of the software that is installed and in use on monitored devices.
The solutions proposed by this effort will not be the only ones available in the fast-moving cybersecurity technology market. If you would like to propose an alternative architecture or know of products that might be applicable to this challenge, please contact us at firstname.lastname@example.org.