Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Open Security Controls Assessment Language (OSCAL) Workshop

The National Institute of Standards and Technology is hosting the first of a new series of workshops focusing on the Open Security Controls Assessment Language (OSCAL). OSCAL provides a standardized set of XML-, JSON- and YAML-based formats for use by authors and maintainers of security and privacy control catalogs, control baselines, and system security plans. These formats provide for the automated exchange of control-related information between tools and facilitate the automated assessment of security and privacy controls implemented in an information system.

We are seeking attendees who are developers of control-oriented security tools, and organizations that want to use or create OSCAL-based information. This workshop will provide this audience familiarity with, and skill in, the development and use of OSCAL

The OSCAL project and this new workshop series are aligned with NIST’s mission of promoting U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. NIST works to maximize its impact and mission fulfillment by positioning itself to anticipate future technology trends and develop the most important measurements and standards products that are aligned with industry drivers and needs.

Who should attend:

  • Leaders in digital transformation and security automation from the government, private, and academic sectors;
  • Vendors of security automation tools who are considering implementing OSCAL formats in their tools;
  • Participants in standard development organizations focusing on developing and publishing control catalogs and baselines;
  • System owners from the government, private, and academic sectors who want to streamline the documentation of controls used in their information systems.

  • November 5-7, 2019: 9:00 am - 5:00 pm ET 
  • A preliminary agenda for the workshop is available here: Agenda (PDF)

 

*Visitor Access Requirement:

For Non-US Citizens:  Please have your valid passport for photo identification.

For US Permanent Residents: Please have your green card for photo identification.

For US Citizens: Please have your state-issued driver's license. Regarding Real-ID requirements, all states are in compliance or have an extension through October 2020.

NIST also accepts other forms of federally issued identification in lieu of a state-issued driver's license, such as a valid passport, passport card, DOD's Common Access Card (CAC), Veterans ID, Federal Agency HSPD-12 IDs, Military Dependents ID, Transportation Workers Identification Credential (TWIC), and TSA Trusted Traveler ID. 

Created October 10, 2019, Updated January 14, 2020