Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Presentation

OSCAL Mini Workshop Series - Event #30: Leveraging OSCAL to support cybersecurity lifecycle management

November 20, 2024

Presenters

Sara Nieves Matheu Garcia - Post Doctoral Researcher - University of Murcia, Spain
Antonio Skarmeta - Full Professor - University of Murcia, Spain

Description

The University of Murcia in Spain explored the integration of the Open Security Controls Assessment Language (OSCAL) framework with agile recertification tools and systems like DOSS (Dynamic Online Security Suite) and COBALT (Cybersecurity Operations and Benefits Assessment Lifecycle Tool). Participants were introduced to how OSCAL facilitates the management of the cybersecurity lifecycle by streamlining vulnerability tracking, threat identification, and mitigation processes. This workshop also covered the creation and management of Bill of Materials (BOM) such as Hardware Bill of Materials (HBOM) and Software Bill of Materials (SBOM), critical for ensuring supply chain security and compliance with cybersecurity regulations. By leveraging OSCAL alongside these tools, the workshop demonstrated how organizations can improve their security posture, automate the continuous monitoring of vulnerabilities, and ensure alignment with evolving security objectives and standards.
Created November 26, 2024