Cloud Audit Controls

This blog is about understanding, auditing, and addressing risk in cloud environments. Systems and architectures are rapidly converging, hiding complexity with additional layers of abstraction. Simplicity is great for operations - as long as risks are understood and addressed.

Pages

  • Home
  • Documents
  • Solutions Checklist
  • Links
  • CAC Model 2.0
  • CAC Model 1.0

Monday, May 13, 2019

Understanding How OVAL Works in Five Steps


Source and Links: 
  • FAQs: https://oval.mitre.org/about/faqs.html
  • Illustration: https://oval.mitre.org/about/images/how_oval_works.pdf
  • General Overview: https://oval.mitre.org/language/about/overview.html
Posted by CD at 12:33 PM
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest

Newer Post Older Post Home

About the Author

About the Author

This is my personal blog.

Hi! All posts are my own and represent my own opinion. These are my personal views and do not necessarily represent the views of my employer.

I've been fortunate to learn from amazing people. This blog is my personal sticky pad. You can learn more about me on LinkedIn. Pay it forward!

Contact: davischr2 [at] gmail

All materials on this website and the documents repository are provided for personal use only. Commercial use, distribution, derivative works, product integration, sales, and licensing are prohibited.

Vulnerability Search

Search for Vulnerabilities
Enter vendor, software, or keyword

Popular Posts

  • Spreadsheet: ISO PCI HIPAA 800-53 FedRAMP CSA SANS SCSEM CESG
    Get the 'Common Authorities on Information Assurance' spreadsheet here.  (xlsx) [2016-02-03 Update] -- PCIv3.1 controls spread...
  • PCI DSS v3.2 Spreadsheet Format
    PCI DSS v3.2 Spreadsheet loaded here:  https://sites.google.com/site/cloudauditcontrols. Most are wondering about 3.2.1. The mapping is th...
  • NIST Cyber Security Framework (CSF) Excel Spreadsheet
    NIST Cybersecurity Framework Excel Spreadsheet Go to the documents tab and look under authorities folder. Contains properly split-out t...
  • SP 800-53A Revision 4 controls, objectives, CNSS 1253 Excel Spreadsheet
    Here's a cleaned up and combined Excel spreadsheet version of Special Publication 800-53A r4 containing controls, objectives, and CNS...
  • 2016 Controls Map - Indexed to NIST - Free Gift
    Delivered to you with pleasure and as a courtesy of one of the best managers I have had. Jerry Breaud trusted me to run with my gut instinct...
  • Cloud Security Alliance: Consensus Assessment Initiative Questionnaire
    Last year I reviewed the Cloud Security Alliance Consensus Assessment Initiative Questionnaire ( CSA-CAIQ ). I've posted the enhanced v...
  • Why you need to read the Summary of NIST SP 800-53 Revision 4
    This is the most concise list of answers I've seen to the most commonly asked questions and misconceptions my customers, peers, and s...
  • Re-post: Spreadsheet: ISO PCI HIPAA 800-53 FedRAMP CSA SANS SCSEM CESG
    Re-posting this because this spreadsheet is a popular item. I've been pulled into so many directions over the last couple months that c...
  • NIST SP 800-53 r4 to CJIS v5.4 Control Mapping
    Reverse mapped CJIS control set into NIST 800-53 controls as the new baseline. Download here .

Blog Archive

  • ▼  2019 (13)
    • ►  August (3)
    • ▼  May (4)
      • You simply cannot manage what you cannot see.
      • Understanding How OVAL Works in Five Steps
      • Adioma - How to Think Visually
      • How important is risk assessment?
    • ►  April (1)
    • ►  March (2)
    • ►  February (3)
  • ►  2018 (1)
    • ►  March (1)
  • ►  2017 (1)
    • ►  February (1)
  • ►  2016 (17)
    • ►  October (2)
    • ►  May (1)
    • ►  April (2)
    • ►  March (1)
    • ►  February (6)
    • ►  January (5)
  • ►  2015 (13)
    • ►  December (4)
    • ►  November (3)
    • ►  October (1)
    • ►  August (1)
    • ►  May (1)
    • ►  March (1)
    • ►  February (1)
    • ►  January (1)
  • ►  2014 (11)
    • ►  December (1)
    • ►  October (1)
    • ►  September (4)
    • ►  July (1)
    • ►  April (1)
    • ►  March (2)
    • ►  February (1)
  • ►  2013 (15)
    • ►  December (1)
    • ►  September (1)
    • ►  July (1)
    • ►  June (2)
    • ►  April (6)
    • ►  March (3)
    • ►  February (1)
  • ►  2012 (23)
    • ►  November (2)
    • ►  September (1)
    • ►  August (2)
    • ►  June (1)
    • ►  May (2)
    • ►  April (3)
    • ►  March (5)
    • ►  February (3)
    • ►  January (4)
  • ►  2011 (23)
    • ►  December (8)
    • ►  November (4)
    • ►  October (3)
    • ►  September (3)
    • ►  August (5)

Pages

  • Home
  • Documents
  • Links
  • CAC Model 1.0
  • CAC Model 2.0
  • Solutions Checklist

Subscribe...

Posts
Atom
Posts
Comments
Atom
Comments
Picture Window theme. Powered by Blogger.