Cloud Audit Controls

This blog is about understanding, auditing, and addressing risk in cloud environments. Systems and architectures are rapidly converging, hiding complexity with additional layers of abstraction. Simplicity is great for operations - as long as risks are understood and appropriately addressed.

Pages

  • Home
  • Downloads
  • Solutions Checklist
  • CAC Model 2.0
  • CAC Model 1.0
  • Links
  • About

Monday, May 13, 2019

Understanding How OVAL Works in Five Steps


Source and Links: 
  • FAQs: https://oval.mitre.org/about/faqs.html
  • Illustration: https://oval.mitre.org/about/images/how_oval_works.pdf
  • General Overview: https://oval.mitre.org/language/about/overview.html
Posted by CD at 12:33 PM
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Newer Post Older Post Home

About the Author

About the Author

This is my personal blog.

Hello! Thank you for visiting. All posts are mine and represent my own opinion. These are my personal views and do not necessarily represent the views of my employer. You can learn more about me on LinkedIn.

All materials on this website and the documents repository are provided for personal use only. Commercial use, distribution, derivative works, product integration, sales, and licensing are prohibited.

Popular Posts

  • PCI DSS v3.2 Spreadsheet Format
    PCI DSS v3.2 Spreadsheet loaded here:  https://www.compliancequickstart.com/ You'll also find the latest versions that have been updated...
  • MAC vs DAC vs RBAC
    Recently had a discussion regarding mandatory access controls, discretionary access controls, and role-based access controls. The goal of...
  • Spreadsheet: ISO PCI HIPAA 800-53 FedRAMP CSA SANS SCSEM CESG
    Get the 'Common Authorities on Information Assurance' spreadsheet here.  (xlsx) [2016-02-03 Update] -- PCIv3.1 controls spread...
  • NIST Cyber Security Framework (CSF) Excel Spreadsheet
    NIST Cybersecurity Framework Excel Spreadsheet Go to the documents tab and look under authorities folder. Contains properly split-out t...
  • SP 800-53A Revision 4 controls, objectives, CNSS 1253 Excel Spreadsheet
    Here's a cleaned up and combined Excel spreadsheet version of Special Publication 800-53A r4 containing controls, objectives, and CNS...
  • Cloud Security Alliance: Consensus Assessment Initiative Questionnaire
    Last year I reviewed the Cloud Security Alliance Consensus Assessment Initiative Questionnaire ( CSA-CAIQ ). I've posted the enhanced v...
  • NIST SP 800-53 r4 to CJIS v5.4 Control Mapping
    Reverse mapped CJIS control set into NIST 800-53 controls as the new baseline. Download here .
  • 2016 Controls Map - Indexed to NIST - Free Gift
    Delivered to you with pleasure and as a courtesy of one of the best managers I have had. Jerry Breaud trusted me to run with my gut instinct...
  • Why you need to read the Summary of NIST SP 800-53 Revision 4
    This is the most concise list of answers I've seen to the most commonly asked questions and misconceptions my customers, peers, and s...

Blog Archive

  • ►  2023 (5)
    • ►  January (5)
  • ►  2022 (22)
    • ►  November (1)
    • ►  October (3)
    • ►  September (2)
    • ►  August (4)
    • ►  July (4)
    • ►  June (3)
    • ►  May (2)
    • ►  April (1)
    • ►  February (2)
  • ►  2021 (7)
    • ►  August (2)
    • ►  July (1)
    • ►  May (1)
    • ►  March (1)
    • ►  February (2)
  • ►  2020 (10)
    • ►  August (1)
    • ►  July (1)
    • ►  June (2)
    • ►  April (1)
    • ►  March (1)
    • ►  February (2)
    • ►  January (2)
  • ▼  2019 (14)
    • ►  October (1)
    • ►  August (3)
    • ▼  May (4)
      • You simply cannot manage what you cannot see.
      • Understanding How OVAL Works in Five Steps
      • Adioma - How to Think Visually
      • How important is risk assessment?
    • ►  April (1)
    • ►  March (2)
    • ►  February (3)
  • ►  2018 (1)
    • ►  March (1)
  • ►  2017 (1)
    • ►  February (1)
  • ►  2016 (17)
    • ►  October (2)
    • ►  May (1)
    • ►  April (2)
    • ►  March (1)
    • ►  February (6)
    • ►  January (5)
  • ►  2015 (13)
    • ►  December (4)
    • ►  November (3)
    • ►  October (1)
    • ►  August (1)
    • ►  May (1)
    • ►  March (1)
    • ►  February (1)
    • ►  January (1)
  • ►  2014 (11)
    • ►  December (1)
    • ►  October (1)
    • ►  September (4)
    • ►  July (1)
    • ►  April (1)
    • ►  March (2)
    • ►  February (1)
  • ►  2013 (15)
    • ►  December (1)
    • ►  September (1)
    • ►  July (1)
    • ►  June (2)
    • ►  April (6)
    • ►  March (3)
    • ►  February (1)
  • ►  2012 (23)
    • ►  November (2)
    • ►  September (1)
    • ►  August (2)
    • ►  June (1)
    • ►  May (2)
    • ►  April (3)
    • ►  March (5)
    • ►  February (3)
    • ►  January (4)
  • ►  2011 (23)
    • ►  December (8)
    • ►  November (4)
    • ►  October (3)
    • ►  September (3)
    • ►  August (5)

Subscribe...

Posts
Atom
Posts
Comments
Atom
Comments
Picture Window theme. Powered by Blogger.