00:00:00:06 - 00:00:01:17 All right. Thank you, Michaela, 00:00:01:17 - 00:00:03:09 for hosting this session. 00:00:03:09 - 00:00:06:21 And thanks to everyone who's joining today for your time and interest. 00:00:07:04 - 00:00:08:14 I'm Fritz Kunstler. 00:00:08:14 - 00:00:12:04 I am a principal security engineer at Amazon Web Services, 00:00:12:09 - 00:00:15:21 where I have worked for almost ten years now. 00:00:16:04 - 00:00:19:12 My background is primarily technical. 00:00:19:14 - 00:00:21:19 I haven't spent too much time. 00:00:21:19 - 00:00:23:22 I've worked in security for a very long time. 00:00:23:22 - 00:00:25:00 More than half of my career. 00:00:25:00 - 00:00:29:09 But I really haven't spent too much time focused on the sort of GRC 00:00:29:11 - 00:00:30:24 aspects of security 00:00:30:24 - 00:00:35:19 until about 18 months ago, when I was first introduced to OSCAL. 00:00:35:22 - 00:00:40:19 Since then, I have helped with the launch of the OSCAL Foundation 00:00:40:22 - 00:00:47:11 and led several OSCAL projects at AWS, including the launch of our PCI 00:00:47:11 - 00:00:51:15 DSS compliance package in OSCAL, which was done in December. 00:00:51:19 - 00:00:55:01 And, I believe, an industry first. 00:00:55:09 - 00:00:57:18 So like many early adopters, 00:00:57:18 - 00:01:00:21 we really needed expert help to get that started. 00:01:00:21 - 00:01:03:05 As I'm going to share during this talk, 00:01:03:05 - 00:01:06:11 AI has become indispensable, in my opinion, 00:01:06:13 - 00:01:10:02 for those sort of quick experiments and projects we needed to do to get moving. 00:01:10:02 - 00:01:12:00 And that's what we're going to discuss today. 00:01:14:00 - 00:01:18:21 So I'm going to start with the demo, or attempt to start with the demo. 00:01:18:22 - 00:01:21:24 Let's see if the demo spirits are on my side today or not. 
00:01:22:01 - 00:01:27:11 And then move into some background information to introduce the challenge 00:01:27:22 - 00:01:30:11 and opportunity we're addressing here, as well as 00:01:30:11 - 00:01:33:18 talk a little bit about OSCAL itself 00:01:33:22 - 00:01:36:09 and MCP, the Model Context Protocol. 00:01:36:09 - 00:01:39:16 Then we'll get into the technical architecture of the solution 00:01:39:24 - 00:01:41:08 that we're sharing today, 00:01:41:08 - 00:01:44:00 talk a little bit about the roadmap, and move into Q&A. 00:01:44:00 - 00:01:47:12 So before we demo, some key takeaways here. 00:01:47:12 - 00:01:49:23 If you don't come away from this talk with 00:01:49:23 - 00:01:52:09 anything else, I hope you'll remember these things. 00:01:52:09 - 00:01:56:18 MCP server for OSCAL, which is the project that we're about to discuss 00:01:56:24 - 00:02:00:14 and the demo you're about to see, is an AI 00:02:00:14 - 00:02:04:06 agent solution that puts OSCAL expertise at your fingertips. 00:02:04:07 - 00:02:08:16 It enables rapid OSCAL prototyping and experiments using AI agents. 00:02:08:22 - 00:02:12:21 It's free, open source, and no coding skills are required. 00:02:13:01 - 00:02:16:22 You can find instructions to get started in the project 00:02:16:22 - 00:02:19:21 README, which is available right at this link. 00:02:19:21 - 00:02:22:18 You can use that QR code or type it into the browser. 00:02:22:18 - 00:02:23:18 Whatever's easy for you. 00:02:25:16 - 00:02:26:02 All right. 00:02:26:02 - 00:02:28:20 So now we're going to try and do a demo here. 00:02:28:20 - 00:02:32:05 And that's going to require me to change my screen share. 00:02:32:05 - 00:02:35:05 So bear with me for just a moment. 00:02:37:16 - 00:02:40:11 And hopefully you can see a sort of terminal window. 00:02:40:11 - 00:02:43:09 So, just to explain quickly how we're going to do this. 00:02:43:09 - 00:02:47:02 So I've got a couple of terminal windows open and tabs here. 00:02:47:04 - 00:02:47:17 Right. 
00:02:47:17 - 00:02:52:15 What you're looking at is an AI assistant or AI agent called Kiro. 00:02:52:18 - 00:02:56:00 But you could just as easily be using Claude Code 00:02:56:00 - 00:02:59:03 or whatever is your preferred AI agent. 00:02:59:05 - 00:03:02:05 We're using Kiro today because it's an Amazon product 00:03:02:10 - 00:03:05:09 and it's the easiest thing for me to demo. 00:03:05:09 - 00:03:08:23 So in this first tab, what you're seeing is Kiro. 00:03:09:09 - 00:03:10:16 We'll call it in the raw. 00:03:10:16 - 00:03:15:10 It's just basically what the underlying AI model has got in its training data. 00:03:15:10 - 00:03:17:13 That's how it's answering my questions. 00:03:17:13 - 00:03:20:13 In this case, the model is Anthropic's Claude. 00:03:20:18 - 00:03:22:05 And I can look in a minute 00:03:22:05 - 00:03:25:12 and share the exact version of the Claude model for folks who are interested. 00:03:25:16 - 00:03:31:18 So to keep the demo reasonable in terms of time and hopefully not confuse people, 00:03:31:18 - 00:03:34:18 I did a little bit of staging here just a few minutes ago. 00:03:34:20 - 00:03:36:21 You can see that I started this tool 00:03:36:21 - 00:03:39:21 and I asked it an initial question here. 00:03:40:03 - 00:03:43:15 Well, first you can see the OSCAL MCP server. 00:03:43:15 - 00:03:46:15 I'll explain that in more detail in a few minutes here, but 00:03:46:19 - 00:03:50:13 just to show that it is actually disabled in this window. 00:03:50:17 - 00:03:52:24 And so we're just talking to the model itself. 00:03:52:24 - 00:03:54:16 So I asked it, "What do you know about OSCAL?" 00:03:54:16 - 00:03:58:13 And it gives me a reasonable, high-level explanation. 00:03:58:16 - 00:04:00:19 I won't read through all of this. 
00:04:00:19 - 00:04:03:19 But we'll go ahead and just move to the other tab, 00:04:04:01 - 00:04:08:02 and show you that when I asked this same question, 00:04:08:02 - 00:04:11:13 and this is a different instance of Kiro now, and you can see 00:04:11:23 - 00:04:16:24 it does have that OSCAL MCP server enabled, it doesn't say disabled next to it. 00:04:17:00 - 00:04:18:22 Right. We get a similar answer. 00:04:18:22 - 00:04:23:03 The big difference that you see straight away is at the bottom here. 00:04:23:10 - 00:04:26:10 I have some tools available to help explore. 00:04:26:14 - 00:04:27:04 Hey Fritz. 00:04:27:10 - 00:04:27:22 Yes? 00:04:27:22 - 00:04:30:01 I think your screen may not have switched. 00:04:30:01 - 00:04:31:13 It still shows disabled. 00:04:31:13 - 00:04:32:08 Oh, really? 00:04:32:08 - 00:04:34:13 Okay. That's unfortunate. Sorry. Bear with me. 00:04:36:17 - 00:04:37:09 All right. 00:04:37:09 - 00:04:38:23 So hopefully you see that now? 00:04:38:23 - 00:04:43:06 So this is the other window, where you can see it does not say disabled 00:04:43:06 - 00:04:44:12 next to OSCAL, 00:04:44:18 - 00:04:48:02 and here, as I was mentioning, it clearly indicates, 00:04:48:02 - 00:04:51:08 hey, I've got some additional tools available to help explore OSCAL 00:04:51:08 - 00:04:54:08 schemas and the like. 00:04:54:10 - 00:04:58:03 So I try and switch back again, and I see it has 00:04:58:09 - 00:04:59:23 again paused my screen. 00:04:59:23 - 00:05:01:17 I'm not sure why this is happening. 00:05:03:13 - 00:05:05:02 I'm not sure what to say here, folks. 00:05:05:02 - 00:05:07:16 I'm just gonna have to switch back and forth. I'm sorry about that. 00:05:07:16 - 00:05:08:14 Not a problem. 00:05:09:01 - 00:05:11:05 We'll just try and minimize that back and forth. 00:05:11:05 - 00:05:13:12 I'll change my approach here slightly. 
So, 00:05:13:23 - 00:05:15:21 on this window that we're looking at now, 00:05:15:21 - 00:05:19:11 you'll see that it doesn't offer me any additional tools of any kind. 00:05:19:24 - 00:05:23:07 And I then said, "Hey, 00:05:23:08 - 00:05:26:08 could you please tell me about the OSCAL mapping model?" 00:05:26:09 - 00:05:29:09 And it listed some models here. 00:05:30:04 - 00:05:32:20 I said I'd like to know about the OSCAL mapping model. 00:05:32:20 - 00:05:36:02 So the response is telling. 00:05:36:06 - 00:05:38:13 It says "I don't have any specific information 00:05:38:13 - 00:05:41:13 about an OSCAL mapping model in my training data." 00:05:41:18 - 00:05:44:18 And it's only aware of the six models mentioned above. 00:05:44:22 - 00:05:47:05 There may be more that it doesn't know about. 00:05:49:12 - 00:05:52:13 I then proceeded to ask, "What's the current version of OSCAL?" 00:05:53:08 - 00:05:55:15 And it tells me again, "I don't have information about 00:05:55:15 - 00:05:58:15 the current version of OSCAL as of February 26th. 00:05:58:17 - 00:06:02:03 My training data has a cutoff and may not include the latest releases." 00:06:02:07 - 00:06:06:21 So these responses are exactly the problem, 00:06:06:21 - 00:06:10:11 are examples of the problem that we are trying to solve 00:06:10:11 - 00:06:11:23 with the MCP server for 00:06:11:23 - 00:06:14:23 OSCAL; that's the solution that we're demoing here today. 00:06:15:04 - 00:06:17:06 So again I will switch back. 00:06:17:23 - 00:06:18:15 All right. 00:06:18:15 - 00:06:21:12 So I'm now in the other window. 00:06:21:12 - 00:06:26:19 The one that has the OSCAL assistant agent MCP server. 00:06:27:00 - 00:06:28:21 So I'm going to start just by asking it 00:06:30:01 - 00:06:31:19 the question, and this is live, by the way. 00:06:31:19 - 00:06:34:19 It's possible this thing will embarrass me, but I hope not. 00:06:35:06 - 00:06:36:15 We're going to find out. 
00:06:36:15 - 00:06:39:15 So tell me 00:06:40:14 - 00:06:43:14 about the OSCAL mapping model. 00:06:47:23 - 00:06:50:04 All right, so you can see here. 00:06:50:04 - 00:06:53:04 It's the same question that I asked in the other window. 00:06:55:24 - 00:06:58:24 And I'll highlight, 00:06:59:21 - 00:07:02:21 this is where I ask the question. 00:07:03:08 - 00:07:04:16 And it says, 00:07:04:16 - 00:07:07:22 "Let me check available OSCAL models to get you accurate information 00:07:07:22 - 00:07:12:03 about the model," and here, running tool list_oscal_models, 00:07:12:09 - 00:07:15:09 it is able to go find out 00:07:16:00 - 00:07:19:06 that the mapping collection model exists 00:07:19:08 - 00:07:22:08 and tell me a little bit about it. 00:07:23:02 - 00:07:27:04 Obviously, you saw in the previous window that that wasn't possible because 00:07:27:08 - 00:07:31:15 the mapping model information didn't exist in Claude's underlying training data, 00:07:31:18 - 00:07:33:19 and so it really couldn't help me out. 00:07:33:19 - 00:07:36:08 So let's see if I ask it, 00:07:38:06 - 00:07:39:02 "What is the" 00:07:41:14 - 00:07:43:04 "current version of OSCAL?" 00:07:51:23 - 00:07:52:05 Okay. 00:07:52:05 - 00:07:55:23 So pretty quickly it says, well, based on current schema information, 00:07:56:06 - 00:07:59:00 or based on schema, the current version is 1.2.0. 00:07:59:00 - 00:08:00:07 Now this matters 00:08:00:07 - 00:08:06:12 and proves a point, because OSCAL 1.2.0 was released quite recently. 00:08:06:22 - 00:08:07:23 It was either end of December or 00:08:07:23 - 00:08:09:22 January? I don't remember exactly which. 00:08:09:22 - 00:08:14:17 But certainly long after the training data of this model was cut off. 00:08:14:20 - 00:08:19:08 And so it's a pretty clear indicator that we've got up-to-date information 00:08:19:08 - 00:08:23:05 and for the most recent OSCAL versions. 
So, 00:08:24:09 - 00:08:27:09 I go a little bit further and ask, "What are the" 00:08:29:01 - 00:08:30:23 "minimum" 00:08:30:23 - 00:08:32:14 "required fields" 00:08:33:19 - 00:08:35:06 "of the OSCAL mapping model?" 00:08:35:06 - 00:08:37:23 I'm sticking with the mapping model 00:08:37:23 - 00:08:40:17 just because it was definitely not available previously, 00:08:40:17 - 00:08:44:05 and so it doesn't seem to be included in the underlying model's training data. 00:08:44:08 - 00:08:48:19 We can be fairly confident that the answers will be coming from the tools. 00:08:48:21 - 00:08:50:18 You'll see an indicator of that as well. 00:09:00:21 - 00:09:01:24 So that's it 00:09:01:24 - 00:09:05:01 for the minimum required fields for the OSCAL mapping model. 00:09:05:01 - 00:09:10:15 And what it did was to go get the schema, open up that schema, look up the fields, 00:09:10:15 - 00:09:16:06 and process the schema to tell me exactly which fields are required. 00:09:16:10 - 00:09:20:07 So because it's processing that underlying JSON schema, 00:09:20:11 - 00:09:23:06 we can be confident that this information is authoritative 00:09:23:06 - 00:09:27:15 and that it's not the result of a model hallucination or other issue. 00:09:27:23 - 00:09:31:14 I'm going to ask it now, "Can you generate a" 00:09:33:05 - 00:09:33:24 "template?" 00:09:39:16 - 00:09:41:23 Best to generate a template 00:09:41:23 - 00:09:43:17 that I can use for editing later. 00:09:45:16 - 00:09:46:18 And you can see that, 00:09:47:24 - 00:09:49:12 well, it did exactly that. 00:09:49:12 - 00:09:53:15 And it tells me that I've written the file out for you 00:09:53:18 - 00:09:55:18 to this location. 00:09:55:18 - 00:09:58:10 And it sort of explains what it's done. 00:09:59:22 - 00:10:01:20 So. If you are 00:10:01:20 - 00:10:06:07 starting from scratch with OSCAL, you have ideas for OSCAL experiments, 
00:10:06:11 - 00:10:10:20 you may previously have needed to either spend a lot of time learning OSCAL 00:10:10:22 - 00:10:15:19 and really understanding how the schemas come together, 00:10:15:20 - 00:10:18:15 how they relate to one another, what each of the fields is for. 00:10:18:15 - 00:10:23:22 You can use a tool like this MCP server to get started much more quickly. 00:10:24:00 - 00:10:27:03 And it's not that somebody couldn't do this previously with any of the existing 00:10:27:03 - 00:10:29:05 AI models. You definitely could. 00:10:29:05 - 00:10:31:02 The challenge was, 00:10:31:02 - 00:10:33:07 and this is the challenge that I ran into personally, 00:10:33:07 - 00:10:36:07 that models sometimes hallucinate or they don't have the latest 00:10:36:10 - 00:10:40:21 and greatest information on OSCAL or whatever your topic may be. 00:10:41:00 - 00:10:44:15 And so you can end up with seemingly small 00:10:44:19 - 00:10:49:03 errors or omissions in what you produce; if those things go unnoticed 00:10:49:03 - 00:10:52:24 until you get way further downstream, or a lot further downstream, then they 00:10:53:03 - 00:10:56:13 cause problems that are much more expensive and challenging to 00:10:56:18 - 00:10:58:07 overcome or undo. 00:10:58:07 - 00:11:01:13 Unfortunately, due to this window problem, I'm not going to do any more of the back 00:11:01:13 - 00:11:02:05 and forth. 00:11:02:05 - 00:11:05:13 We'll stop there for now and move back to the content. 00:11:05:13 - 00:11:10:06 But I hope this has been a sufficient demo to get the point across. 00:11:11:01 - 00:11:12:22 All right. Great. Thank you. 00:11:14:12 - 00:11:17:14 I've talked to dozens of customers, auditors, 00:11:17:18 - 00:11:23:08 regulators and standards developers over the past year, and all agree 00:11:23:13 - 00:11:27:16 that GRC workflows must be automated. 00:11:28:01 - 00:11:30:18 Fortunately, much of that work now 00:11:30:18 - 00:11:34:08 has high automation potential thanks to AI. 
00:11:34:13 - 00:11:38:02 As I mentioned, there's really no debate amongst the stakeholders 00:11:38:02 - 00:11:41:18 I've spoken to that, you know, the way that we're currently doing things on paper 00:11:41:18 - 00:11:44:18 is just not sustainable or scalable going forward, 00:11:44:20 - 00:11:47:16 and that automation definitely needs to happen. 00:11:47:16 - 00:11:51:02 But digital paper formats like spreadsheets, PDFs 00:11:51:12 - 00:11:54:23 are really meant for humans, not machines, and 00:11:55:05 - 00:11:58:24 for automation to produce consistent results and return on investment, 00:11:59:02 - 00:12:02:04 those artifacts need to be in a machine-readable format. 00:12:03:21 - 00:12:07:20 OSCAL solves that digital paper problem. 00:12:08:00 - 00:12:10:20 OSCAL is the Open Security Controls Assessment Language, 00:12:10:20 - 00:12:14:11 a set of machine-readable schemas that describe artifacts 00:12:14:16 - 00:12:19:11 of the entire GRC lifecycle, from controls to remediation actions. 00:12:19:16 - 00:12:24:05 It is a vendor-neutral, open-source standard. 00:12:24:07 - 00:12:27:24 And although it was developed by NIST and shares 00:12:27:24 - 00:12:31:23 the same terminology that you find in FISMA and 00:12:32:03 - 00:12:36:08 FedRAMP, OSCAL is by design framework independent. 00:12:36:08 - 00:12:39:08 And it has no dependency whatsoever 00:12:39:08 - 00:12:43:03 on NIST products like RMF or 800-53. 00:12:43:06 - 00:12:48:01 You can use it with any control framework or risk management framework 00:12:48:05 - 00:12:49:08 that you choose. 00:12:49:08 - 00:12:53:15 For example, PCI DSS or ISO 27K, or even your enterprise 00:12:53:15 - 00:12:57:20 or your company's proprietary control framework or risk management standard. 00:12:59:11 - 00:12:59:18 All right. 
00:12:59:18 - 00:13:03:19 So OSCAL solves the problem, but we still have this fragmented 00:13:03:23 - 00:13:07:09 supply chain of spreadsheets, PDFs and screenshots 00:13:07:09 - 00:13:10:12 that underpin nearly all GRC value streams today. 00:13:10:13 - 00:13:13:16 So how do we get from here to that automated future? 00:13:14:01 - 00:13:18:04 As I mentioned previously, AI agents and assistants 00:13:18:04 - 00:13:23:16 have really become indispensable for rapid prototyping and experimentation 00:13:23:19 - 00:13:27:12 over the past year or so. It's exactly the sort of prototyping 00:13:27:12 - 00:13:31:13 and experimentation that people need to be able to do in order 00:13:31:13 - 00:13:35:17 to move from the current paper or digital paper artifacts, 00:13:35:17 - 00:13:39:04 that, you know, spreadsheets, PDFs that we all deal with day to day, 00:13:39:11 - 00:13:42:11 you know, to OSCAL alternatives. 00:13:43:11 - 00:13:45:20 So the underlying AI models 00:13:45:20 - 00:13:52:02 really need to be trained on lots of examples in order to produce good results. 00:13:52:07 - 00:13:56:08 And, as you saw from the demo we did before, 00:13:56:08 - 00:14:00:15 there isn't necessarily a ton of OSCAL 00:14:00:15 - 00:14:04:15 expertise or examples available for those models to be trained on. 00:14:04:18 - 00:14:08:24 And as a result, we end up with inconsistent output 00:14:09:02 - 00:14:11:02 or inconsistent results 00:14:11:02 - 00:14:15:23 from the AI when we attempted to use it for prototyping early on. 00:14:16:00 - 00:14:21:20 What do you do if your model lacks training on something that matters to you? 00:14:21:20 - 00:14:23:10 In this case, OSCAL. 00:14:23:10 - 00:14:27:13 It mattered to me because we still really need these tools to get some quick wins 00:14:27:17 - 00:14:31:04 and to prevent having to go, you know, learn new standards and 00:14:31:07 - 00:14:36:13 potentially learn technologies or coding or other skills we may not have. 
00:14:37:19 - 00:14:40:21 Enter MCP, or the Model Context Protocol. 00:14:40:21 - 00:14:44:21 So Model Context Protocol standardizes connectivity between 00:14:44:21 - 00:14:47:21 AI and external systems. 00:14:48:20 - 00:14:52:18 It enables on-demand injection of domain expertise 00:14:52:18 - 00:14:56:11 without requiring the AI models to be retrained. 00:14:56:11 - 00:15:00:10 And like OSCAL, it is vendor neutral, framework independent 00:15:00:13 - 00:15:03:13 and an open-source standard. 00:15:03:19 - 00:15:06:01 A good analogy, or the analogy, I don't know 00:15:06:01 - 00:15:09:20 if it's a good analogy, the analogy that always comes to mind for me here, 00:15:09:20 - 00:15:11:20 and I'm going to date myself with this, but 00:15:11:20 - 00:15:16:04 those of you who saw the original Matrix movie many years ago, there's this scene 00:15:16:07 - 00:15:19:21 where one of the characters, called Trinity, is standing on the roof 00:15:19:21 - 00:15:24:03 of a building staring at a helicopter, and the main character, Neo, asks, 00:15:24:09 - 00:15:25:10 "Can you fly that thing?" 00:15:25:10 - 00:15:27:08 And she says, "No, not yet." 00:15:27:08 - 00:15:31:05 And then through her headset, she reaches out to this operator and says, 00:15:31:05 - 00:15:34:11 I need a pilot program for a B-212 helicopter. 00:15:34:11 - 00:15:38:01 And her eyes kind of flutter, and all of a sudden she's able to fly this helicopter. 00:15:38:01 - 00:15:42:14 It's like direct-injected pilot expertise. That is exactly 00:15:42:14 - 00:15:45:21 what the Model Context Protocol is meant to do. 00:15:46:08 - 00:15:48:03 Not meant to do. It's what it does. Right? 00:15:48:03 - 00:15:53:24 So it enables on-demand injection of current domain knowledge 00:15:54:03 - 00:15:56:23 that may be missing from your AI model's training data, 00:15:56:23 - 00:15:58:18 at exactly the right moment when it's needed. 00:16:00:08 - 00:16:02:06 Another good analogy, 
00:16:02:06 - 00:16:06:22 and this one I think actually applies really well to both OSCAL and MCP, 00:16:07:18 - 00:16:11:19 because as it turns out, they serve sort of similar purposes. OSCAL solves 00:16:11:19 - 00:16:17:15 the interoperability problem between external GRC stakeholders and systems, 00:16:17:20 - 00:16:20:16 whereas MCP solves the interoperability problem 00:16:20:16 - 00:16:24:09 between AI models and external systems. 00:16:24:14 - 00:16:30:10 So we bring those two things together, and the MCP server for OSCAL, 00:16:30:12 - 00:16:33:23 that is what you saw in action in the earlier, somewhat stilted demo. 00:16:34:20 - 00:16:39:22 The bottom line is that the MCP server exposes, to the AI model, 00:16:39:24 - 00:16:43:18 OSCAL-specific tools, resources, and prompts 00:16:44:00 - 00:16:48:14 that an MCP client, which could be the Kiro CLI like 00:16:48:14 - 00:16:52:16 you saw, could be Claude Code, or Copilot inside of VS Code, 00:16:52:16 - 00:16:55:14 or, you know, whatever happens to be your tool of choice. 00:16:55:14 - 00:16:58:21 It makes this on-demand OSCAL expertise available 00:16:58:21 - 00:17:02:18 to your AI agent or tool of choice through those tools, 00:17:02:22 - 00:17:05:08 which the MCP server publishes, 00:17:05:08 - 00:17:08:22 and along with a set of detailed instructions to the model, 00:17:08:24 - 00:17:14:14 you are able to ask for examples or guidance, whatever, and get accurate, 00:17:14:16 - 00:17:20:01 consistent answers about OSCAL from your AI agent or tool of choice, 00:17:20:07 - 00:17:24:04 as long as it supports the MCP protocol, Model Context Protocol that is. 00:17:26:04 - 00:17:27:11 So we'll get 00:17:27:11 - 00:17:31:09 into the sort of technical bit here, the technical deep dive. 00:17:31:13 - 00:17:32:09 We won't go too deep. 
00:17:32:09 - 00:17:35:16 I think this is probably about a 200-level conversation 00:17:35:24 - 00:17:39:00 for those who may be interested, so to start with some design 00:17:39:00 - 00:17:42:00 principles that went into this project. 00:17:42:05 - 00:17:46:08 First of all, we wanted lightweight and local-first operation. 00:17:46:15 - 00:17:49:24 That means this runs on your laptop. 00:17:50:02 - 00:17:51:04 It is called a server, 00:17:51:04 - 00:17:55:06 and in fact technically is a server, but it doesn't need to be deployed 00:17:55:06 - 00:17:56:23 on some external system. 00:17:56:23 - 00:18:00:05 It doesn't need to be deployed in the cloud or on dedicated hardware. 00:18:00:05 - 00:18:03:06 It runs right on your laptop, basically 00:18:03:06 - 00:18:06:06 next to your AI tool or your IDE, 00:18:06:10 - 00:18:11:18 and it's local first, meaning it's not going to need to reach out 00:18:11:18 - 00:18:15:15 and pull resources from somewhere else by default. 00:18:15:15 - 00:18:18:17 It's got everything it needs to work sort of bundled with it. 00:18:19:16 - 00:18:21:12 No configuration is required 00:18:21:12 - 00:18:24:22 beyond just the initial setup of the plugin. 00:18:25:05 - 00:18:29:11 And even that configuration really is about, you know, configuring your AI tool, 00:18:29:11 - 00:18:32:18 in my case Kiro, not about configuring the MCP server itself. 00:18:32:23 - 00:18:35:07 It is self-installing and self-updating. 00:18:35:07 - 00:18:38:21 So you don't need to actually do either of those things yourself. 00:18:38:21 - 00:18:40:22 You just point your IDE 00:18:40:22 - 00:18:43:21 or your AI tool at this thing and it does the rest. 00:18:43:21 - 00:18:45:10 No external dependencies. 00:18:45:10 - 00:18:47:11 As I mentioned, everything is bundled with it 00:18:47:11 - 00:18:51:07 by default. And, spec-driven development. 
00:18:51:07 - 00:18:56:10 So for those who may not be familiar, spec-driven development is a concept 00:18:56:10 - 00:18:59:11 that I believe was first introduced by Kiro. 00:18:59:14 - 00:19:04:02 Basically, this is an approach to AI-assisted development 00:19:04:04 - 00:19:08:08 whereby, instead of starting with code or asking your AI agent 00:19:08:08 - 00:19:13:04 to generate code for you, you instead begin by writing a set of user stories, 00:19:13:08 - 00:19:17:03 and the writing of those user stories happens collaboratively 00:19:17:03 - 00:19:18:13 with the AI agent. 00:19:18:13 - 00:19:22:13 And from the user stories, you produce a design document 00:19:22:13 - 00:19:27:00 and then ultimately a detailed task list that describes the implementation plan. 00:19:27:03 - 00:19:30:23 So you will find in the project on GitHub, 00:19:31:06 - 00:19:34:08 I'll show the links again later just in case you're interested and you missed them, 00:19:34:18 - 00:19:37:24 but you'll find a full set of requirements, design docs 00:19:38:05 - 00:19:42:05 and implementation tasks in GitHub alongside the code. 00:19:42:09 - 00:19:46:05 And that gives a clear indication of how the thing was developed 00:19:46:11 - 00:19:49:12 and enables you to pick it up and run with it, 00:19:49:15 - 00:19:52:15 or contribute if that's something that you would like to do. 00:19:53:03 - 00:19:54:08 Content security. So, 00:19:55:19 - 00:19:57:06 MCP servers 00:19:57:06 - 00:20:00:12 in general, and obviously this one specifically, what they do is 00:20:00:17 - 00:20:03:14 they expose tools and resources that provide 00:20:03:14 - 00:20:06:22 context to AI models on demand. 00:20:07:03 - 00:20:11:03 And typically, you know, that context is pretty simple, right? 
00:20:11:06 - 00:20:16:03 You can think of it just like a text file, for example, or a markdown file, 00:20:16:03 - 00:20:20:14 full of instructions and guidance or information that the model can 00:20:20:20 - 00:20:26:02 analyze and use to produce the answers or examples that a user needs. 00:20:26:11 - 00:20:29:07 So it's really important that that content or 00:20:29:07 - 00:20:32:07 context information be trustworthy. 00:20:32:10 - 00:20:36:02 If it's not, then you may actually be worse off 00:20:36:22 - 00:20:39:09 than you would be just using incomplete or 00:20:39:09 - 00:20:43:22 obsolete information that's available directly from a model itself. 00:20:44:00 - 00:20:48:03 And so we wanted to make sure that that didn't become a problem. 00:20:48:11 - 00:20:52:12 That's one reason why, by default, we use only the content that we bundle 00:20:52:12 - 00:20:54:00 with the MCP server. 00:20:54:00 - 00:20:58:10 But even then, to ensure that that content isn't tampered with, 00:20:58:12 - 00:21:02:06 we, at build time, generate a manifest file 00:21:02:08 - 00:21:07:11 that contains the SHA-256 hashes of every piece of content, 00:21:07:11 - 00:21:11:16 every content file that is included or bundled into that server. 00:21:11:18 - 00:21:13:21 And that's done at build time, 00:21:13:21 - 00:21:16:21 the generation of that hash manifest file. 00:21:16:23 - 00:21:20:08 Then each time the server starts locally on your system, 00:21:20:21 - 00:21:23:17 every one of those content files is verified. 00:21:23:17 - 00:21:28:13 And if the verification process fails, in other words, 00:21:28:19 - 00:21:31:19 indicating that content has somehow been modified, 00:21:31:24 - 00:21:35:13 then the server exits and produces a warning indicating that, 00:21:35:19 - 00:21:40:01 hey, the content provided here may have been tampered with. 
00:21:40:01 - 00:21:42:19 And so we're going to shut down, to make sure that 00:21:42:19 - 00:21:46:16 we don't give you any bad advice or guidance or information otherwise. 00:21:48:14 - 00:21:51:07 The tech stack is actually pretty simple. 00:21:51:07 - 00:21:54:07 It's Python 3.11 or newer. 00:21:54:07 - 00:22:00:11 The FastMCP server bundled with the MCP SDK for Python. 00:22:00:11 - 00:22:01:20 That's an important distinction, 00:22:01:20 - 00:22:06:17 because, confusingly, there is a separate project called FastMCP. 00:22:06:21 - 00:22:09:12 I don't fully understand the relationship between the two. 00:22:09:12 - 00:22:13:04 I think they may have been the same thing at one point, but have since diverged. 00:22:14:00 - 00:22:16:16 In addition, we use Strands Agents for 00:22:16:16 - 00:22:19:20 basically making the agent available 00:22:19:20 - 00:22:22:20 as a standalone thing, which I'll talk more about later. 00:22:22:24 - 00:22:26:01 And Trestle, which was originally developed by IBM, 00:22:26:01 - 00:22:29:18 now a project of the Cloud Native Computing Foundation. 00:22:29:22 - 00:22:34:00 That is integrated for validating OSCAL content, 00:22:34:00 - 00:22:37:11 and soon for additional capabilities as well. 00:22:38:13 - 00:22:40:21 Optionally, Boto3 is also included, 00:22:40:21 - 00:22:43:21 and that's for optional Amazon Bedrock integration. 00:22:43:21 - 00:22:46:15 But out of the box that will not be used; as I mentioned, 00:22:46:15 - 00:22:51:01 by default, the entire server runs locally, doesn't make any outside 00:22:51:01 - 00:22:55:09 network calls, and it relies only on bundled content. 00:22:57:10 - 00:23:00:09 So as I mentioned before, and 00:23:00:09 - 00:23:03:08 for those of you who may already be familiar with the Model Context Protocol, 00:23:03:08 - 00:23:09:09 probably the primary way that MCP does its job is through tools. 
00:23:09:12 - 00:23:13:10 And basically these tools can be, and in this case they are, simple Python 00:23:13:10 - 00:23:17:19 functions exposed to your AI agent or model, along with a set 00:23:17:19 - 00:23:21:21 of plaintext instructions that explain when to use those tools. 00:23:22:04 - 00:23:25:07 And there are four major tools or primary tools 00:23:25:07 - 00:23:28:12 that are currently included with the MCP 00:23:28:12 - 00:23:31:23 server for OSCAL, which I'll just quickly go through with you. 00:23:31:23 - 00:23:35:19 So, the first one is the list_oscal_models tool, 00:23:35:21 - 00:23:38:01 and that does exactly what it sounds like. 00:23:38:01 - 00:23:43:12 It just returns a very simple list of each of the OSCAL models 00:23:43:21 - 00:23:46:13 that are available today, along with their current status, 00:23:46:13 - 00:23:49:12 whether they're generally available or prototypes, 00:23:49:12 - 00:23:52:19 and that is a good entry point. 00:23:52:22 - 00:23:56:06 If you think back to the beginning of the demo, when I asked 00:23:56:18 - 00:24:01:02 the raw AI model, the base agent, about the OSCAL mapping model, it said to me, 00:24:01:02 - 00:24:02:08 "I don't know anything about that." 00:24:02:08 - 00:24:06:06 So this list_oscal_models tool is how 00:24:06:10 - 00:24:10:14 the agent would be able to go find out about other available OSCAL models 00:24:10:18 - 00:24:14:13 if it had had that tool available to it, and like the second agent did, 00:24:14:13 - 00:24:17:13 then would have been able to answer the question straight away. 00:24:17:24 - 00:24:19:15 Get OSCAL Model Schema. 00:24:19:15 - 00:24:20:23 Now this is a tool 00:24:20:23 - 00:24:23:23 I would argue is sort of the heart of the functionality here. 00:24:23:24 - 00:24:28:16 And the reason for that is that OSCAL, by design, is self-documenting. 00:24:28:16 - 00:24:32:21 So in other words, the OSCAL schemas include all of the documentation, 00:24:33:02 - 00:24:34:03 sort of embedded. 
00:24:34:03 - 00:24:38:00 So by pulling the schema from one of the OSCAL models, 00:24:38:07 - 00:24:41:19 the agent is also getting access to the complete set of documentation 00:24:41:22 - 00:24:43:22 that goes along with that schema. 00:24:43:22 - 00:24:48:16 So using these two basic tools here, an AI agent can now understand 00:24:48:16 - 00:24:53:06 all of the available OSCAL models and then go retrieve the complete schema 00:24:53:06 - 00:24:58:03 and documentation set for those models and use that to answer questions, 00:24:58:05 - 00:25:02:14 to produce examples, explain the various fields 00:25:02:15 - 00:25:05:04 and their requirements, and a whole bunch of other things. 00:25:05:04 - 00:25:08:14 I've actually been very pleasantly surprised by how much 00:25:08:16 - 00:25:11:15 can be accomplished just with that one tool. 00:25:11:15 - 00:25:14:21 list_oscal_resources is another tool that provides 00:25:15:03 - 00:25:18:22 a markdown file containing a bunch of information that is community 00:25:18:22 - 00:25:20:24 sourced about known available 00:25:20:24 - 00:25:25:24 OSCAL software tools, content resources, and all kinds of other things. 00:25:26:02 - 00:25:27:23 That's a separate project in GitHub. 00:25:27:23 - 00:25:29:24 And then query_oscal_documentation. 00:25:29:24 - 00:25:31:10 This tool is disabled by default 00:25:31:10 - 00:25:34:04 because it does require access to external resources. 00:25:34:04 - 00:25:38:19 But if you want to, let’s say, set up and/or operate your own knowledge base of 00:25:38:22 - 00:25:43:22 OSCAL information in enterprise systems, you could do that 00:25:43:24 - 00:25:48:05 in your AWS account and then enable this tool, and the MCP server 00:25:48:07 - 00:25:52:08 or your AI agent would be able to go query that knowledge base, that documentation, 00:25:52:10 - 00:25:53:14 to get additional information 00:25:53:14 - 00:25:56:14 that it may not have been able to get from the other three tools.
00:25:56:21 - 00:25:59:24 There are also several more tools in the works and coming soon, 00:26:00:09 - 00:26:03:17 that I'll talk about in a few minutes here in the roadmap section. 00:26:04:21 - 00:26:07:07 Setup is really quite simple. 00:26:07:07 - 00:26:11:14 Almost every AI agent or IDE or other tool that supports 00:26:11:20 - 00:26:14:21 Model Context Protocol, or MCP, is configured by a simple 00:26:14:21 - 00:26:17:21 file, an mcp.json file that looks something like this. 00:26:18:01 - 00:26:21:01 And all you would do to deploy this 00:26:21:04 - 00:26:24:12 MCP server, make it available through your AI agent, is to add 00:26:24:23 - 00:26:29:06 something that looks like this to your mcp.json file. 00:26:29:07 - 00:26:33:09 There are detailed instructions available in the README file in the GitHub 00:26:33:09 - 00:26:37:09 project, along with a sample configuration file that you can use to get started. 00:26:37:20 - 00:26:43:01 It's worth noting this uvx command that you see there basically will always, 00:26:43:08 - 00:26:47:19 on startup when your AI agent or your IDE starts, check 00:26:47:24 - 00:26:51:17 if it's got the latest version of the MCP server for OSCAL. 00:26:51:19 - 00:26:53:01 If not, it downloads it 00:26:53:01 - 00:26:56:05 so that you're always running the latest and greatest version by default. 00:26:56:10 - 00:26:58:23 No manual action required at all. 00:26:58:23 - 00:27:02:20 And what that does is just pull the Python module down from PyPI 00:27:02:24 - 00:27:04:10 and install it on demand. 00:27:06:08 - 00:27:07:13 So, roadmap. 00:27:07:13 - 00:27:10:12 First, contributors are needed, wanted, 00:27:10:12 - 00:27:12:16 and welcome to this project. 00:27:12:16 - 00:27:15:21 And contributions can take all sorts of forms. 00:27:16:04 - 00:27:18:08 The simplest and one of the most viable ways 00:27:18:08 - 00:27:21:11 you can contribute is just to try it out and tell us what features you want.
00:27:21:11 - 00:27:25:17 Open an issue in GitHub so that we can work on adding things that matter to you. 00:27:25:17 - 00:27:29:01 And then there are some immediate additional tools that are coming soon. 00:27:29:01 - 00:27:32:13 As I mentioned, one, there's a tool, query_component_definition, 00:27:32:16 - 00:27:37:16 that is going to enable the agent to answer questions 00:27:38:01 - 00:27:41:12 using information that's published in component definitions. 00:27:41:12 - 00:27:44:07 So for example, we recently published a set of component 00:27:44:07 - 00:27:47:14 definitions that describe the compliance data for AWS, 00:27:47:24 - 00:27:52:12 or security compliance data for AWS services, to be able to ask, for example, 00:27:52:14 - 00:27:57:19 you know, questions about Amazon S3, and the tool will go 00:27:58:02 - 00:28:01:14 look at that component definition and give you back authoritative answers 00:28:01:14 - 00:28:03:04 based on what it finds there. 00:28:03:04 - 00:28:06:12 validate_oscal_content is another tool that's coming soon 00:28:06:14 - 00:28:10:21 that will be using Trestle as well as the OSCAL CLIs to 00:28:10:23 - 00:28:15:03 validate partial and complete OSCAL documents that you may already have. 00:28:15:03 - 00:28:16:11 So you put those together, 00:28:16:11 - 00:28:18:16 and you want to make sure that they are 00:28:18:16 - 00:28:22:15 valid, or you want feedback on them, help correcting them. 00:28:22:17 - 00:28:23:24 That's what that tool is for. 00:28:23:24 - 00:28:26:24 And then finally, following the agent-as-tool pattern, 00:28:27:01 - 00:28:31:05 we will make the whole solution, the MCP server for OSCAL, available 00:28:31:05 - 00:28:36:04 as a standalone agent for specialized use cases where you may not be using it 00:28:36:04 - 00:28:41:14 in conjunction with some other existing agent, like your IDE or Kiro. 00:28:42:01 - 00:28:44:03 So again, key takeaways.
00:28:44:03 - 00:28:44:23 Just to wrap it up, 00:28:44:23 - 00:28:48:23 MCP server for OSCAL is an OSCAL expert at your fingertips. 00:28:49:00 - 00:28:52:23 It enables rapid OSCAL prototyping and experiments using AI agents. 00:28:52:23 - 00:28:54:08 And it is a free, open 00:28:54:08 - 00:28:57:22 source tool intended to lower the barriers to experimentation, 00:28:58:05 - 00:29:01:10 even helping folks without coding skills to get involved 00:29:01:13 - 00:29:04:23 quickly and demonstrate value to business stakeholders. 00:29:05:05 - 00:29:08:23 And with that, I will open the floor to Q&A.