Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with Scap

Greg Witte leads the U.S. Federal civilian customer support team at G2, Inc., a security firm committed to solving the most complex challenges related to the ability of the U.S. to collect, utilize, and defend digital information.Melanie Cook is an information systems engineer at G2, Inc. She previously worked at the National Security Agency and at the National Institute of Standards and Technology where she contributed to SCAP efforts.Matt Kerr is G2's Director of Research and Development. He helped develop the DISA Gold Disk application, the primary compliance assessment utility for Department of Defense systems.Shane Shaffer is the Technical Director of Security Automation for G2. He served as the lead architect of the Department of Defense's Vulnerability Management System and has been a key contributor to the development of SCAP.

Master the latest digital security automation technologiesAchieve a unified view of security across your IT infrastructure using the cutting-edge techniques contained in this authoritative volume. Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with SCAP lays out comprehensive technical, administrative, and operational strategies for security management. Discover how to define baseline requirements, automatically confirm patches and updates, identify vulnerabilities, write customized auditing content, and evaluate compliance across your enterprise. Throughout, the authors provide detailed case studies and tips on selecting appropriate security components.Understand SCAP (Security Content Automation Protocol) technologies and standardsTrack compliance using benchmarks and scoring systemsBuild machine-readable configuration checks using XCCDF, OVAL, and OCILPerform vulnerability assessments and find misconfigurationMaximize product interoperability through the use of standard enumerationAssess and monitor residual risk using CVSS valuesUse SCAP editors and XML to create and debug automated checksAccurately assess threats using software assurance automation

This is the first book on the market to explain information security automation technologies to IT security managers.

Ch 1. IntroductionCh 2. What Is SCAPCh 3. SCAP LanguagesCh 4. SCAP Enumerations (with case study)Ch 5. SCAP Vulnerability Measurement (with case study)Ch 6. Putting the Pieces Together (with case study)Ch 7. Using SCAP In Your Enterprise (with case study)Ch 8. Emerging SCAP TechnologiesCh 9. ConclusionAppendicesIndex