David Waltermire, NIST Security Automation Architect
Anil Karmel, C2 Labs Co-Founder and CEO
Andrew Weiss, Docker Solutions Engineer
Security and Compliance is largely a manual paper-based exercise conducted with a myriad of tools, technologies and human labor in spreadsheets and documents. NIST’s Open Security Controls Assessment Language (OSCAL) standardizes how security controls are represented (e.g. NIST SP 800-53, ISO/IEC 27001/2, COBIT 5), how you would represent a control implementation for a given system, and how that information is best used with reports generated in a standardized way that can be used by both humans and machines. We’ll provide a Technical Overview of this new NIST standard and a working demo of OSCAL in action with Docker Enterprise Edition (EE).