1 / 5

SACM Information Model Submission draft-wandw-sacm-information-model-00

SACM Information Model Submission draft-wandw-sacm-information-model-00. Dave Waltermire Kim Watson July 2014. Miscellaneous Stuff. Cooperative effort Focused mostly on the interfaces and schemas necessary to support endpoint assessment Complementary with the other submission

yadid
Download Presentation

SACM Information Model Submission draft-wandw-sacm-information-model-00

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SACM Information Model Submissiondraft-wandw-sacm-information-model-00 Dave Waltermire Kim Watson July 2014

  2. Miscellaneous Stuff • Cooperative effort • Focused mostly on the interfaces and schemas necessary to support endpoint assessment • Complementary with the other submission • Biased by what we knew and the compressed timeline • Includes content for the purpose of starting important conversations

  3. Our Approach • Reviewed Use Case, Architecture, and Requirements documents • Defined a “vision” of how endpoint assessment would “operate” • Focused on Endpoint, Software, Configuration, and Vulnerability Management • Resulted in Architecture assumptions, information needs, and information elements

  4. Key Information Elements • Asset Identifiers: endpoint and software • Other Identifiers: platform configuration item, configuration item, vulnerability • Catalogues: Available software and posture attributes • Instances: Software inventory and collected posture attributes • Guidance: Data that drives collection, evaluation, and reporting actions

  5. Important Conversations • Architecture considerations • Defining tasking/collection methods • The role of source vendors vs 3rd party vendors • Interacting with repositories • Defining/maintaining catalogues • Use of existing work to support SACM information needs • Evolution of existing work (e.g., enhancements, refactoring/splitting up)

More Related