Cyber Security Theater: Providing Cyber Security Inventory & Compliance Tracking & C2 in a Heterogeneous Tool Environment

Room: Halls F and Swing
Wednesday, May 16, 2018: 8:15 AM - 9:15 AM


Joseph Wolfkiel
Lead Engineer, Secure Configuration Management Portfolio
Defense Information Systems Agency


This session will include discussion of the following:

- Blue force attribution (i.e., COAMS, OAM, scorecard tagging to identify devices' owning organization, admin organization, location, accreditation boundary, mission, COCOM AOR, CCSP) across multiple tools in an interoperable fashion

- Unique device identification and tracking across time in support of asset management, as a foundation for vulnerability management, patch management, mitigation management, and risk management, to include special cases, like VDI and Docker containers

- Data extraction, normalization, and updating cyber physical and virtual device data across time at scale

- C2 and compliance tracking issues when implementing multiple tools for functions such as containment, anti-malware, Host IPS, and application whitelisting

- Examples of existing systems trying to address these issues: Cybersecurity Scorecard, BDP, CMRS, eMASS

- SCAP as an example of standards-based approaches to resolving the problem, advantages and disadvantages


Approved for 1 CompTIA CEU: A+, Network+, Security+, Cloud+, CySA+, and CASP; 1 GIAC CPE