Case Study: Security Content Automation

Peter Mell, Computer Scientist, Computer Security Division, NIST
Kent Landfield, Director of Security Research, McAfee, Inc.

This session will cover the emerging technologies of security content automation, including overviews of the Security Content Automation Protocol (SCAP), the Federal Desktop Core Configuration (FDCC), and the Common Configuration Scoring System (CCSS). The session will discuss efforts by NIST, DoD, and industry to further advance the state of the art in automated vulnerability management, security measurement, and compliance checking.

Security Content Automation
John Banghart, Booz Allen Hamilton

FISMA compliance for Federal agencies and commercial entities within a single, holistic, IA management framework
Richard Wilsher, Zygma, LLC

Cryptographic Modernization for SPACE
Joe Bull, Booz Allen Hamilton