{"id":833,"date":"2007-05-23T00:00:00","date_gmt":"2007-05-23T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2007\/05\/23\/nist-releases-fisma-security-control-tools\/"},"modified":"2021-12-30T11:38:14","modified_gmt":"2021-12-30T11:38:14","slug":"nist-releases-fisma-security-control-tools","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2007\/05\/23\/nist-releases-fisma-security-control-tools\/","title":{"rendered":"NIST releases FISMA security control tools"},"content":{"rendered":"<p>The National Institute of Standards and Technology has released a suite of tools to help automate vulnerability management and evaluate compliance with federal IT security requirements.  It is an automated checklist that using a collection of recognized standards for naming software flaws and configuration problems in specific products.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Security Content Automation Protocol is an expansion of the National Vulnerability Database.  SCAP is intended to help make the step from FISMA compliance to<br \/>\noperational IT security. <\/p>\n<p>FISMA is a very thorough and comprehensive framework for security computers, said Peter Mell, NVD program manager.  But it doesnt deal with diving down at low level configurations and settings where vulnerabilities are exploited.<\/p>\n<p>http:\/\/www.gcn.com\/online\/vol1_no1\/44331-1.html<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-833","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/833","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=833"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/833\/revisions"}],"predecessor-version":[{"id":3320,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/833\/revisions\/3320"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=833"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=833"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=833"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}