This repository was created to demonstrate an automated assessment workflow using GitHub Actions. It utilizes a minimal application to trace a single control through the OSCAL models.
Detailed information about the use and structure of this repository can be found in the docs/ folder.
Through this project, we intend to help take the first steps with OSCAL and integrate these concepts into a development project. This will facilitate security, privacy and compliance activities as a part of an application development project from the start.
Information Technology Lab, Computer Security Division
-
Nikita Wootten
-
Alexander Stein
-
Chris Compton
-
Other OSCAL Contacts and Mailing Lists: https://pages.nist.gov/OSCAL/contact/
- OSCAL Website: https://pages.nist.gov/OSCAL/
- OSCAL Model Reference: https://pages.nist.gov/OSCAL/reference/
- OSCAL GitHub Project: https://github.com/usnistgov/OSCAL
- OSCAL Instructional Material: https://pages.nist.gov/OSCAL/learn/presentations/
- OSCAL Tools: https://pages.nist.gov/OSCAL/tools/