Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Projects

Showing 4 matching records.
Apple macOS Security Configuration APPLE-OS
CSD’s macOS security configuration team is working to develop secure system configuration baselines supporting different operational environments for Apple macOS version 10.12, “Sierra.” These configuration guidelines will assist organizations with hardening macOS technologies and provide a basis for unified controls and settings for federal macOS workstation and mobile system security configurations. The configurations are based on a collection of resources, including the existing NIST macOS...
Cyber Supply Chain Risk Management C-SCRM
Information and operational technology (IT/OT) relies on a complex, globally distributed, and interconnected supply chain ecosystem to provide highly refined, cost-effective, and reusable solutions. This ecosystem is composed of various entities with multiple tiers of outsourcing, diverse distribution routes, assorted technologies, laws, policies, procedures, and practices, all of which interact to design, manufacture, distribute, deploy, use, maintain, and manage IT/OT products and services...
Open Security Controls Assessment Language OSCAL
NIST is developing the Open Security Controls Assessment Language (OSCAL), a set of hierarchical, formatted, XML- and JSON-based formats that provide a standardized representation for different categories of information pertaining to the publication, implementation, and assessment of security controls. OSCAL is being developed through a collaborative approach with the public. The OSCAL website provides an overview of the OSCAL project, including an XML and JSON schema reference and examples...
Systems Security Engineering (SSE) Project SSE
Race to the Top -- Better Security Through EngineeringSystems security engineering contributes to a broad-based and holistic security perspective and focus within the systems engineering effort. This ensures that stakeholder protection needs and security concerns associated with the system are properly identified and addressed in all systems engineering tasks throughout the system life cycle.Mission Statement...To provide a basis to formalize a discipline for systems security engineering in...