|
Information Security Automation Program
The Information Security Automation Program (ISAP, pronounced “I Sap”) is a U.S. government multi-agency initiative to enable automation and standardization of technical security operations. While a U.S. government initiative, its standards based design can benefit all information technology security operations. The ISAP high level goals include standards based automation of security checking and remediation as well as automation of technical compliance activities (e.g. FISMA). ISAP's low level objectives include enabling standards based communication of vulnerability data, customizing and managing configuration baselines for various IT products, assessing information systems and reporting compliance status, using standard metrics to weight and aggregate potential vulnerability impact, and remediating identified vulnerabilities. ISAP's technical specifications are contained in the related Security Content Automation Protocol (SCAP). ISAP's security automation content is either c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
FISMA
The Federal Information Security Management Act of 2002 (FISMA, , ''et seq.'') is a United States federal law enacted in 2002 as Title III of the E-Government Act of 2002 (, ). The act recognized the importance of information security to the economic and national security interests of the United States. The act requires each Government agency#United States, federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, Government contractor, contractor, or other source. FISMA has brought attention within the federal government to cybersecurity and explicitly emphasized a "risk-based policy for cost-effective security." FISMA requires agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency's information security program an ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Content Automation Protocol
The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization, including e.g., Federal Information Security Management Act of 2002, FISMA (Federal Information Security Management Act, 2002) compliance. The National Vulnerability Database (NVD) is the U.S. government content repository for SCAP. An example of an implementation of SCAP is OpenSCAP. SCAP is a suite of tools that have been compiled to be compatible with various protocols for things like configuration management, compliance requirements, software flaws, or vulnerabilities patching. Accumulation of these standards provides a means for data to be communicated between humans and machines efficiently. The objective of the framework is to promote a communal approach to the implementation of automated security mechanisms that are not monopolized. Purpose To guard again ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
National Vulnerability Database
The National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics. NVD supports the Information Security Automation Program (ISAP). NVD is managed by the U.S. government agency the National Institute of Standards and Technology The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into Outline of p ... (NIST). On Friday March 8, 2013, the database was taken offline after it was discovered that the system used to run multiple government sites had been compromi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Defense Information Systems Agency
The Defense Information Systems Agency (DISA), known as the Defense Communications Agency (DCA) until 1991, is a United States Department of Defense (DoD) combat support agency. It is composed of military, federal civilians, and contractors. DISA provides information technology (IT) and communications support to the President, Vice President, Secretary of Defense, the Department of Defense, the combatant commands, and any individual or system contributing to the defense of the United States. History 1960s: The Defense Communications Agency DCA was established May 12, 1960, with the primary mission of operational control and management of the Defense Communications System (DCS). The initial headquarters for 34 DCA members was Wake Hall, one of a complex of three buildings (which included Midway Hall and Guam Hall) on the site where the parking lot of the Robert F. Kennedy Stadium in Washington, D.C., stands today. Navy Rear Admiral William D. Irvin became the first DCA ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
National Security Agency
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the director of national intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for global intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The NSA has roughly 32,000 employees. Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by President Harry S. Truman in 1952. Between then and the end of the Cold War, it became the largest of the U.S. intelligence organizations in terms of personnel and budget. Still, information available as of 2013 indicates that the C ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
National Institute Of Standards And Technology
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into Outline of physical science, physical science laboratory programs that include Nanotechnology, nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement. From 1901 to 1988, the agency was named the National Bureau of Standards. History Background The Articles of Confederation, ratified by the colonies in 1781, provided: The United States in Congress assembled shall also have the sole and exclusive right and power of regulating the alloy and value of coin struck by their own authority, or by that of the respective states—fixing the standards of weights and measures throughout the United States. Article 1, section 8, of the Constitution of the United States, ratified i ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Office Of The Secretary Of Defense
The Office of the Secretary of Defense (OSD) is a headquarters-level staff of the United States Department of Defense. It is the principal civilian staff element of the U.S. Secretary of Defense, and it assists the Secretary in carrying out authority, direction and control of the Department of Defense in the exercise of policy development, planning, resource management, fiscal, and program evaluation responsibilities. OSD (along with the Joint Staff) is the Secretary of Defense's support staff for managing the Department of Defense, and it corresponds to what the Executive Office of the President of the U.S. is to the U.S. president for managing the whole of the Executive branch of the federal government. OSD includes the immediate offices of the Secretary (SECDEF) and the Deputy Secretary of Defense (DEPSECDEF), as well as the Under Secretary of Defense for Research and Engineering; Under Secretary of Defense for Acquisition and Sustainment; Under Secretary of Defense for ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Department Of Homeland Security
The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior, home, or public security ministries in other countries. Its missions involve anti-terrorism, civil defense, immigration and customs, border control, cybersecurity, transportation security, maritime security and sea rescue, and the mitigation of weapons of mass destruction. It began operations on March 1, 2003, after being formed as a result of the Homeland Security Act of 2002, enacted in response to the September 11 attacks. With more than 240,000 employees, DHS is the third-largest Cabinet department, after the departments of Defense and Veterans Affairs. Homeland security policy is coordinated at the White House by the Homeland Security Council. Other agencies with significant homeland security responsibilities include the departments of Health and Human Services, Justice, and Energy. History Cre ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Agencies Of The United States Government
Legislative definitions of an agency of the federal government of the United States are varied, and even contradictory. The official '' United States Government Manual'' offers no definition. While the Administrative Procedure Act definition of "agency" applies to most executive branch agencies, Congress may define an agency however it chooses in enabling legislation, and through subsequent litigation often involving the Freedom of Information Act and the Government in the Sunshine Act. These further cloud attempts to enumerate a list of agencies. The executive branch of the federal government includes the Executive Office of the President and the United States federal executive departments (whose secretaries belong to the Cabinet). Employees of the majority of these agencies are considered civil servants. The majority of the independent agencies of the United States government are also classified as executive agencies (they are independent in that they are not subordinated ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Security
Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, networks from Threat (security), threats that can lead to unauthorized information disclosure, theft or damage to computer hardware, hardware, software, or Data (computing), data, as well as from the disruption or misdirection of the Service (economics), services they provide. The significance of the field stems from the expanded reliance on computer systems, the Internet, and wireless network standards. Its importance is further amplified by the growth of smart devices, including smartphones, televisions, and the various devices that constitute the Internet of things (IoT). Cybersecurity has emerged as one of the most significant new challenges facing the contemporary world, due to both the complexity of information systems and the societi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
