Cloud Audit Controls

This blog is about understanding, auditing, and addressing risk in cloud environments. Systems and architectures are rapidly converging, hiding complexity with additional layers of abstraction. Simplicity is great for operations - as long as risks are understood and addressed.

Pages

  • Home
  • Downloads
  • Solutions Checklist
  • CAC Model 2.0
  • CAC Model 1.0
  • Links
  • About

Monday, May 13, 2019

Understanding How OVAL Works in Five Steps


Source and Links: 
  • FAQs: https://oval.mitre.org/about/faqs.html
  • Illustration: https://oval.mitre.org/about/images/how_oval_works.pdf
  • General Overview: https://oval.mitre.org/language/about/overview.html
Posted by CD at 12:33 PM
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Newer Post Older Post Home

About the Author

About the Author

This is my personal blog.

Hi! All posts are my own and represent my own opinion. These are my personal views and do not necessarily represent the views of my employer.

I've been fortunate to learn from amazing people. This blog is my personal sticky pad. You can learn more about me on LinkedIn. Pay it forward!

Contact: davischr2 [at] gmail

All materials on this website and the documents repository are provided for personal use only. Commercial use, distribution, derivative works, product integration, sales, and licensing are prohibited.

Vulnerability Search

Search for Vulnerabilities
Enter vendor, software, or keyword

Popular Posts

  • Spreadsheet: ISO PCI HIPAA 800-53 FedRAMP CSA SANS SCSEM CESG
    Get the 'Common Authorities on Information Assurance' spreadsheet here.  (xlsx) [2016-02-03 Update] -- PCIv3.1 controls spread...
  • PCI DSS v3.2 Spreadsheet Format
    PCI DSS v3.2 Spreadsheet loaded here:  https://www.compliancequickstart.com/ Most are wondering about 3.2.1. The mapping is the same. Co...
  • NIST Cyber Security Framework (CSF) Excel Spreadsheet
    NIST Cybersecurity Framework Excel Spreadsheet Go to the documents tab and look under authorities folder. Contains properly split-out t...
  • SP 800-53A Revision 4 controls, objectives, CNSS 1253 Excel Spreadsheet
    Here's a cleaned up and combined Excel spreadsheet version of Special Publication 800-53A r4 containing controls, objectives, and CNS...
  • 2016 Controls Map - Indexed to NIST - Free Gift
    Delivered to you with pleasure and as a courtesy of one of the best managers I have had. Jerry Breaud trusted me to run with my gut instinct...
  • Cloud Security Alliance: Consensus Assessment Initiative Questionnaire
    Last year I reviewed the Cloud Security Alliance Consensus Assessment Initiative Questionnaire ( CSA-CAIQ ). I've posted the enhanced v...
  • Why you need to read the Summary of NIST SP 800-53 Revision 4
    This is the most concise list of answers I've seen to the most commonly asked questions and misconceptions my customers, peers, and s...
  • MAC vs DAC vs RBAC
    Recently had a discussion regarding mandatory access controls, discretionary access controls, and role-based access controls. The goal of...
  • NIST SP 800-53 r4 to CJIS v5.4 Control Mapping
    Reverse mapped CJIS control set into NIST 800-53 controls as the new baseline. Download here .

Blog Archive

  • ►  2020 (10)
    • ►  August (1)
    • ►  July (1)
    • ►  June (2)
    • ►  April (1)
    • ►  March (1)
    • ►  February (2)
    • ►  January (2)
  • ▼  2019 (14)
    • ►  October (1)
    • ►  August (3)
    • ▼  May (4)
      • You simply cannot manage what you cannot see.
      • Understanding How OVAL Works in Five Steps
      • Adioma - How to Think Visually
      • How important is risk assessment?
    • ►  April (1)
    • ►  March (2)
    • ►  February (3)
  • ►  2018 (1)
    • ►  March (1)
  • ►  2017 (1)
    • ►  February (1)
  • ►  2016 (17)
    • ►  October (2)
    • ►  May (1)
    • ►  April (2)
    • ►  March (1)
    • ►  February (6)
    • ►  January (5)
  • ►  2015 (13)
    • ►  December (4)
    • ►  November (3)
    • ►  October (1)
    • ►  August (1)
    • ►  May (1)
    • ►  March (1)
    • ►  February (1)
    • ►  January (1)
  • ►  2014 (11)
    • ►  December (1)
    • ►  October (1)
    • ►  September (4)
    • ►  July (1)
    • ►  April (1)
    • ►  March (2)
    • ►  February (1)
  • ►  2013 (15)
    • ►  December (1)
    • ►  September (1)
    • ►  July (1)
    • ►  June (2)
    • ►  April (6)
    • ►  March (3)
    • ►  February (1)
  • ►  2012 (23)
    • ►  November (2)
    • ►  September (1)
    • ►  August (2)
    • ►  June (1)
    • ►  May (2)
    • ►  April (3)
    • ►  March (5)
    • ►  February (3)
    • ►  January (4)
  • ►  2011 (23)
    • ►  December (8)
    • ►  November (4)
    • ►  October (3)
    • ►  September (3)
    • ►  August (5)

Subscribe...

Posts
Atom
Posts
Comments
Atom
Comments
Awesome Inc. theme. Powered by Blogger.