Automating Enterprise IT Management by Leveraging Security Content Automation Protocol (SCAP)
John M. Gilligan
www.gilligangroupinc.com
May, 2009
Problem
Today’s state—CIOs of large enterprises cannot:
• See their IT assets—they don’t know what they have
• Tell which systems comply with policy
– Makes reporting, enforcement impossible
• Change configurations quickly in reaction to changing threats or vendor updates
IT organizations cannot effectively manage
complex environments
Root Cause
Today’s enterprise IT capabilities are:
• Complex
• Dynamic
• Vulnerable
• Fragmented in use of automated management
Processes and tools are immature
CIOs are concerned about enterprise
IT management
• Cost of poorly managed IT is growing rapidly
• Cyber attacks are exploiting weak enterprise
management
– Weakest link becomes enterprise “Achilles Heel”
– Cyber exploitation now a National Security issue
• High quality IT support requires effective
enterprise management
SCAP enables effective enterprise IT
management and security
Goal—Well-Managed Enterprise
• Every device in an enterprise is known,
actively managed, and configured as securely
as necessary all the time, and the right
people know this is so or not so
• Integrated and automated enterprise
management tools increase operational
effectiveness and security without increased
cost
Solution Elements
• Governance
• Technology
• Discipline
Governance
• Define management and security policies and properties
to be implemented in enterprise IT environments
• Accelerate evolution to a disciplined environment
– Federal Desktop Core Configuration (FDCC)--Establishes
initial configuration discipline
– 20 Critical Controls for Effective Cyber Defense: Consensus
Audit Guidelines—Counter most significant threats with
measurable controls
– NIST Special Publication 800-53 (Information Security;
Recommended Security Controls for Federal Information
Systems)—Establish comprehensive disciplined management
and security policies and controls
Technology
• Use tools that are Security Content Automation
Protocol (SCAP)-enabled
• Automate management of configuration, asset
management, and security properties
– Continuously assess, report, enforce endpoint compliance
– React quickly to changing situations (e.g., vendor patches,
new configurations, revised policy)
• Achieve cross-vendor integration, interoperability
SCAP enables tool integration and interoperability for
disciplined enterprise IT management
Discipline
Verify compliance with enterprise IT policies:
• Continuously verify effectiveness of controls by
leveraging automation and trend metrics
• Also employ metrics for operational effectiveness
and cost
• Use Auditors and Red Teams to independently
validate discipline
• Ensure visible accountability for those who
violate policies
Leveraging SCAP for Enterprise IT
Management
Current SCAP Standards
[Diagram: the SCAP standards CVE, CVSS, OVAL, CCE, CPE and XCCDF, shown against four functions: software vulnerability management, configuration management, compliance management, asset management]
SCAP supports foundational IT management functions
Specific SCAP Standards
[Diagram: the same standards and functions (software vulnerability management, configuration management, compliance management, asset management), annotated as follows]
• CVE: Identifies vulnerabilities
• CVSS: Scores vulnerability severity
• OVAL: Criteria to check presence of vulnerabilities, configurations, assets
• CCE: Identifies configuration controls
• XCCDF: Language to express configuration guidance for both automatic and manual vetting
• CPE: Identifies packages and platforms
SCAP enables enterprise-wide, cross-vendor interoperability and
aggregation of data produced by separate tools
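An added example, not part of the original slides: how shared CVE and CPE identifiers let findings from two differently formatted tools be merged, ranked by CVSS score, and checked for disagreement. Both report layouts, the host names, the placeholder CVE ids, the CPE names and the scores are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data. The CVE ids are placeholders, not real entries;
# hosts, CPE names and CVSS base scores are invented for this example.
TOOL_A_REPORT = [  # hypothetical vendor A: one flat record per finding
    {"host": "ws-001", "vuln": "CVE-0000-0001", "product": "cpe:/a:example:mailer:2.1"},
    {"host": "ws-002", "vuln": "CVE-0000-0001", "product": "cpe:/a:example:mailer:2.1"},
    {"host": "ws-002", "vuln": "CVE-0000-0002", "product": "cpe:/o:example:desktop_os:5"},
]
TOOL_B_REPORT = {  # hypothetical vendor B: findings nested under each asset
    "assets": [
        {"name": "WS-002.corp.example", "findings": [
            {"cve": "cve-0000-0002", "cpe": "cpe:/o:example:desktop_os:5"},
            {"cve": "CVE-0000-0003", "cpe": "cpe:/a:example:viewer:9.0"},
        ]},
        {"name": "SRV-010.corp.example", "findings": [
            {"cve": "CVE-0000-0003", "cpe": "cpe:/a:example:viewer:9.0"},
        ]},
    ]
}
CVSS_BASE = {"CVE-0000-0001": 9.3, "CVE-0000-0002": 4.3, "CVE-0000-0003": 7.5}


def normalize_tool_a(report):
    """Yield (host, cve, cpe, tool) tuples from vendor A's flat records."""
    for rec in report:
        yield rec["host"].lower(), rec["vuln"].upper(), rec["product"].lower(), "tool_a"


def normalize_tool_b(report):
    """Yield the same tuples from vendor B's nested per-asset layout."""
    for asset in report["assets"]:
        host = asset["name"].split(".")[0].lower()  # reduce FQDN to short host name
        for finding in asset["findings"]:
            yield host, finding["cve"].upper(), finding["cpe"].lower(), "tool_b"


def aggregate(*streams):
    """Merge findings keyed on the shared identifiers (host, CVE, CPE)."""
    merged = defaultdict(set)
    for stream in streams:
        for host, cve, cpe, tool in stream:
            merged[(host, cve, cpe)].add(tool)
    return dict(merged)


def patch_queue(merged, scores):
    """Rank CVEs by CVSS base score and list the affected hosts for each.

    A CVE with no score sorts first (treated as 10.0) so it is not buried.
    """
    hosts_by_cve = defaultdict(set)
    for host, cve, _cpe in merged:
        hosts_by_cve[cve].add(host)
    ranked = sorted(hosts_by_cve, key=lambda c: (-scores.get(c, 10.0), c))
    return [(cve, scores.get(cve), sorted(hosts_by_cve[cve])) for cve in ranked]


def single_source(merged):
    """Findings that only one tool reported: the answers left to reconcile."""
    return sorted(key for key, tools in merged.items() if len(tools) == 1)


if __name__ == "__main__":
    merged = aggregate(normalize_tool_a(TOOL_A_REPORT), normalize_tool_b(TOOL_B_REPORT))
    for cve, score, hosts in patch_queue(merged, CVSS_BASE):
        print(f"{cve}  CVSS {score}  hosts: {', '.join(hosts)}")
    for host, cve, cpe in single_source(merged):
        print(f"only one tool reported {cve} on {host} ({cpe})")
```

Without the common identifiers, the merge step would need a vendor-specific mapping table for every pair of tools.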
Mature Standards Illustrate Possibilities
• Common Vulnerabilities and Exposures (CVE): industry
standard for identifying vulnerabilities
– 36,000+ vulnerabilities agreed upon over the last 10 years
– 245 products, 138 organizations, 25 countries
• Common Vulnerability Scoring System (CVSS): Payment
Card Industry (PCI) uses to judge compliance of
organizations that process card payments
Industry has adopted SCAP standards for individual needs
SCAP Gaining Momentum
• Federal Desktop Core Configuration (FDCC/SCAP)
– Ken Heitkamp (ex-Deputy CIO AF): “FDCC with SCAP not
only establishes standard configurations for hardware
suppliers, it also addresses security for those that develop
software”
• Open Vulnerability Assessment Language (OVAL)
– McAfee: “The ability to…describe vulnerabilities on a
system and exchange that information between tools is
doing a great deal to improve [vendor] offerings”
• NIST issues SCAP content for FISMA compliance
– Steve Quinn (NIST): “[SCAP is] an automated approach to
help agencies make the jump from security policies and
mandates to secure systems.”
Product Interoperability
The Problem
• Different vendor products give different answers
• CIOs can’t integrate across vendors
The Solution
• SCAP standard ‘OVAL’ introduced to enable integration
• Red Hat adopted OVAL; found it increased value of their
advisories to customers
• Other vendors have followed (e.g., Symantec)
OVAL provides the “glue” for SCAP-compliant
tools leading to interoperability
Enterprise IT Management Using SCAP
• DoD Computer Network Defense (CND) data
sharing pilot demonstrating enterprise
management using SCAP
– SCAP shows which systems are vulnerable; enables
rapid, prioritized response (e.g., rush patching);
provides follow-up reporting
– Tony Sager (NSA): “We do it all now with SCAP-
compatible tools.”
• Organizations beginning to see SCAP benefits for
other enterprise applications
Leadership is needed now
Shape technology to serve the public interest
Recommended Actions
How Federal government can provide leadership:
1. Require SCAP-validated tools
2. Educate IT staff in how SCAP can be used for
enterprise IT management
3. Deploy SCAP-validated tools; evolve to
automated enterprise IT management
4. Share lessons learned with IT managers and
vendors
– More use cases—not just security
– More transparent integration
SCAP can transform individual tools
into integrated parts of an Enterprise
IT Management Capability
[Diagram labels: Capabilities, Tools, SCAP]
Enterprise IT Management Roadmap
[Chart axes: Capability, Cost]
Contact Information
John M. Gilligan
jgilligan@gilligangroupinc.com
703-503-3232
www.gilligangroupinc.com
Strategic Roadmap
• Controlled configuration for Windows
• Controlled configuration for major
operating systems and applications
• Standardized application white and
black listing
• Adaptive configurations based on threat
• Faster vulnerability impact/patch level
assessment
• Standardized remediation, configuration
control
[Timeline labels: Today, 2010, 2010, 2011, OVAL adoption, 2012]
[Chart labels: More secure, more automated; Real-time management; More secure, automated, real time]

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Automating Enterprise IT Management

  • 1. Automating Enterprise IT Management by Leveraging Security Content Automation Protocol (SCAP) John M. Gilligan www.gilligangroupinc.com May, 2009
  • 2. Problem
      Today’s state—CIOs of large enterprises cannot:
        • See their IT assets—they don’t know what they have
        • Tell which systems comply with policy
        • Makes reporting, enforcement impossible
        • Change configurations quickly in reaction to changing threats or vendor updates
      IT organizations cannot effectively manage complex environments
  • 3. Root Cause
      Today’s enterprise IT capabilities are:
        • Complex
        • Dynamic
        • Vulnerable
        • Fragmented in use of automated management
      Processes and tools are immature
  • 4. CIOs are concerned about enterprise IT management
        • Cost of poorly managed IT is growing rapidly
        • Cyber attacks are exploiting weak enterprise management
            – Weakest link becomes enterprise “Achilles Heel”
            – Cyber exploitation now a National Security issue
        • High quality IT support requires effective enterprise management
      SCAP enables effective enterprise IT management and security
  • 5. Goal—Well-Managed Enterprise
        • Every device in an enterprise is known, actively managed, and configured as securely as necessary all the time, and the right people know this is so or not so
        • Integrated and automated enterprise management tools increase operational effectiveness and security without increased cost
  • 6. Solution Elements
        • Governance
        • Technology
        • Discipline
  • 7. Governance
        • Define management and security policies and properties to be implemented in enterprise IT environments
        • Accelerate evolution to a disciplined environment
            – Federal Desktop Core Configuration (FDCC)--Establishes initial configuration discipline
            – 20 Critical Controls for Effective Cyber Defense: Consensus Audit Guidelines—Counter most significant threats with measurable controls
            – NIST Special Publication 800-53 (Information Security; Recommended Security Controls for Federal Information Systems)—Establish comprehensive disciplined management and security policies and controls
  • 8. Technology
        • Use tools that are Security Content Automation Protocol (SCAP)-enabled
        • Automate management of configuration, asset management, and security properties
            – Continuously assess, report, enforce endpoint compliance
            – React quickly to changing situations (e.g., vendor patches, new configurations, revised policy)
        • Achieve cross-vendor integration, interoperability
      SCAP enables tool integration and interoperability for disciplined enterprise IT management
  • 9. Discipline
      Verify compliance with enterprise IT policies:
        • Continuously verify effectiveness of controls by leveraging automation and trend metrics
        • Also employ metrics for operational effectiveness and cost
        • Use Auditors and Red Teams to independently validate discipline
        • Ensure visible accountability for those who violate policies
  • 10. Leveraging SCAP for Enterprise IT Management
  • 11. Current SCAP Standards
      Standards: CVE, CVSS, OVAL, CCE, CPE, XCCDF
      Functions: Software vulnerability management, Configuration management, Compliance management, Asset management
      SCAP supports foundational IT management functions
  • 12. Specific SCAP Standards
        • CVE: Identifies vulnerabilities
        • CVSS: Scores vulnerability severity
        • OVAL: Criteria to check presence of vulnerabilities, configurations, assets
        • CCE: Identifies configuration controls
        • XCCDF: Language to express configuration guidance for both automatic and manual vetting
        • CPE: Identifies packages and platforms
      Functions: Software vulnerability management, Configuration management, Compliance management, Asset management
      SCAP enables enterprise-wide, cross-vendor interoperability and aggregation of data produced by separate tools
  • 13. Mature Standards Illustrate Possibilities
        • Common Vulnerabilities and Exposures (CVE): industry standard for identifying vulnerabilities
            – 36,000+ vulnerabilities agreed upon over the last 10 years
            – 245 products, 138 organizations, 25 countries
        • Common Vulnerability Scoring System (CVSS): Payment Card Industry (PCI) uses to judge compliance of organizations that process card payments
      Industry has adopted SCAP standards for individual needs
  • 14. SCAP Gaining Momentum
        • Federal Desktop Core Configuration (FDCC/SCAP)
            – Ken Heitkamp (ex-Deputy CIO AF): “FDCC with SCAP not only establishes standard configurations for hardware suppliers, it also addresses security for those that develop software”
        • Open Vulnerability Assessment Language (OVAL)
            – McAfee: “The ability to…describe vulnerabilities on a system and exchange that information between tools is doing a great deal to improve [vendor] offerings”
        • NIST issues SCAP content for FISMA compliance
            – Steve Quinn (NIST): “[SCAP is] an automated approach to help agencies make the jump from security policies and mandates to secure systems.”
  • 15. Product Interoperability
      The Problem
        • Different vendor products give different answers
        • CIOs can’t integrate across vendors
      The Solution
        • SCAP standard ‘OVAL’ introduced to enable integration
        • Red Hat adopted OVAL; found it increased value of their advisories to customers
        • Other vendors have followed (e.g., Symantec)
      OVAL provides the “glue” for SCAP-compliant tools leading to interoperability
  • 16. Enterprise IT Management Using SCAP
        • DoD Computer Network Defense (CND) data sharing pilot demonstrating enterprise management using SCAP
            – SCAP shows which systems are vulnerable; enables rapid, prioritized response (e.g., rush patching); provides follow-up reporting
            – Tony Sager (NSA): “We do it all now with SCAP-compatible tools.”
        • Organizations beginning to see SCAP benefits for other enterprise applications
  • 17. Leadership is needed now
      Shape technology to serve the public interest
  • 18. Recommended Actions
      How Federal government can provide leadership:
        1. Require SCAP-validated tools
        2. Educate IT staff in how SCAP can be used for enterprise IT management
        3. Deploy SCAP-validated tools; evolve to automated enterprise IT management
        4. Share lessons learned with IT managers and vendors
            – More use cases—not just security
            – More transparent integration
  • 19. SCAP can transform individual tools into integrated parts of an Enterprise IT Management Capability
      (Figure labels: Capabilities, Tools, SCAP)
  • 20. Enterprise IT Management Roadmap
      (Chart labels: Capability, Cost)
  • 21. Contact Information
      John M. Gilligan
      jgilligan@gilligangroupinc.com
      703-503-3232
      www.gilligangroupinc.com
  • 22. Strategic Roadmap
        • Controlled configuration for Windows
        • Controlled configuration for major operating systems and applications
        • Standardized application white and black listing
        • Adaptive configurations based on threat
        • Faster vulnerability impact/patch level assessment
        • Standardized remediation, configuration control
      Timeline labels: Today, 2010, 2010, 2011, OVAL adoption, 2012
      Stage labels: More secure, more automated; Real-time management; More secure, automated, real time