Information Security Automation Program (original) (raw)
The Information Security Automation Program (ISAP, pronounced “I Sap”) is a U.S. government multi-agency initiative to enable automation and standardization of technical security operations. While a U.S. government initiative, its standards based design can benefit all information technology security operations. The ISAP high level goals include standards based automation of security checking and remediation as well as automation of technical compliance activities (e.g. FISMA). ISAP's low level objectives include enabling standards based communication of vulnerability data, customizing and managing configuration baselines for various IT products, assessing information systems and reporting compliance status, using standard metrics to weight and aggregate potential vulnerability impact, and
| Property | Value |
|---|---|
| dbo:abstract | The Information Security Automation Program (ISAP, pronounced “I Sap”) is a U.S. government multi-agency initiative to enable automation and standardization of technical security operations. While a U.S. government initiative, its standards based design can benefit all information technology security operations. The ISAP high level goals include standards based automation of security checking and remediation as well as automation of technical compliance activities (e.g. FISMA). ISAP's low level objectives include enabling standards based communication of vulnerability data, customizing and managing configuration baselines for various IT products, assessing information systems and reporting compliance status, using standard metrics to weight and aggregate potential vulnerability impact, and remediating identified vulnerabilities. ISAP's technical specifications are contained in the related Security Content Automation Protocol (SCAP). ISAP's security automation content is either contained within, or referenced by, the National Vulnerability Database. ISAP is being formalized through a trilateral memorandum of agreement (MOA) between Defense Information Systems Agency (DISA), the National Security Agency (NSA), and the National Institute of Standards and Technology (NIST). The Office of the Secretary of Defense (OSD) also participates and the Department of Homeland Security (DHS) funds the operation infrastructure on which ISAP relies (i.e., the National Vulnerability Database). (en) |
| dbo:wikiPageExternalLink | http://nvd.nist.gov/scap.cfm http://nvd.nist.gov/scap/docs/ISAP.doc http://nvd.nist.gov http://scap.nist.gov |
| dbo:wikiPageID | 13764535 (xsd:integer) |
| dbo:wikiPageLength | 2114 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID | 950962670 (xsd:integer) |
| dbo:wikiPageWikiLink | dbr:National_Vulnerability_Database dbr:Defense_Information_Systems_Agency dbr:Office_of_the_Secretary_of_Defense dbc:Agencies_of_the_United_States_government dbc:Computer_security dbc:National_security dbr:FISMA dbr:National_Institute_of_Standards_and_Technology dbr:National_Security_Agency dbr:Security_Content_Automation_Protocol dbr:Department_of_Homeland_Security |
| dbp:wikiPageUsesTemplate | dbt:US-gov-stub |
| dct:subject | dbc:Agencies_of_the_United_States_government dbc:Computer_security dbc:National_security |
| gold:hypernym | dbr:S |
| rdf:type | yago:Abstraction100002137 yago:AdministrativeUnit108077292 yago:Agency108337324 yago:Group100031264 yago:Organization108008335 yago:YagoLegalActor yago:YagoLegalActorGeo yago:YagoPermanentlyLocatedEntity yago:SocialGroup107950920 yago:Unit108189659 yago:WikicatAgenciesOfTheUnitedStatesGovernment |
| rdfs:comment | The Information Security Automation Program (ISAP, pronounced “I Sap”) is a U.S. government multi-agency initiative to enable automation and standardization of technical security operations. While a U.S. government initiative, its standards based design can benefit all information technology security operations. The ISAP high level goals include standards based automation of security checking and remediation as well as automation of technical compliance activities (e.g. FISMA). ISAP's low level objectives include enabling standards based communication of vulnerability data, customizing and managing configuration baselines for various IT products, assessing information systems and reporting compliance status, using standard metrics to weight and aggregate potential vulnerability impact, and (en) |
| rdfs:label | Information Security Automation Program (en) |
| owl:sameAs | freebase:Information Security Automation Program yago-res:Information Security Automation Program wikidata:Information Security Automation Program https://global.dbpedia.org/id/4nTFQ |
| prov:wasDerivedFrom | wikipedia-en:Information_Security_Automation_Program?oldid=950962670&ns=0 |
| foaf:isPrimaryTopicOf | wikipedia-en:Information_Security_Automation_Program |
| is dbo:wikiPageWikiLink of | dbr:National_Vulnerability_Database dbr:Federal_Information_Security_Management_Act_of_2002 |
| is foaf:primaryTopic of | wikipedia-en:Information_Security_Automation_Program |