Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update

Abstract

This report describes the Software Engineering Institute’s (SEI’s) 2011 work for the National Security Agency (NSA) to develop standards for automated remediation of vulnerabilities and compliance issues on Department of Defense (DoD) networked systems. The SEI developed a remediation manager reference implementation that demonstrates how evolving standards can communicate and process information on vulnerabilities, compliance issues, remediation policy, and remediation actions. An earlier report, Standards-Based Automated Remediation: A Remediation Manager Reference Implementation (CMU/SEI-11-SR-007), described the project’s concept, vision, scope, requirements, and the remediation manager implementation as of December 30, 2010. Since then, the SEI has analyzed additional user scenarios, continued remediation standards development, and added new capabilities to the reference implementation.

The remediation manager can employ standards throughout the compliance issue remediation cycle. Using common formats and languages, the reference implementation ingests scan findings, extracts host compliance issues and vulnerabilities, maps them to remediation actions, builds remediation tasks, transmits remediation tasks to a Remediation Tool on a host system, and receives remediation task execution status from the Remediation Tool. In 2011 the SEI added a standards-based remediation policy management capability, enabling users to examine, tailor, and apply standard DoD policy to meet local needs.

Related Reading

Standards-Based Automated Remediation: A Remediation Manager Reference Implementation

Cite This Report

SEI

Chaki, Sagar; Creel, Rita; Davenport, Jeff; Kinney, Mike; McCormick, Benjamin; & Popeck, Mary. Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update (CMU/SEI-2011-SR-016). Software Engineering Institute, Carnegie Mellon University, 2011. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=9755

IEEE

Sagar Chaki, Rita Creel, Jeff Davenport, Mike Kinney, Benjamin McCormick, and Mary Popeck, "Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Special Report CMU/SEI-2011-SR-016, 2011. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=9755

APA

Chaki, Sagar., Creel, Rita., Davenport, Jeff., Kinney, Mike., McCormick, Benjamin., & Popeck, Mary. (2011). Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update (CMU/SEI-2011-SR-016). Retrieved August 29, 2014, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=9755

CHI

Sagar Chaki, Rita Creel, Jeff Davenport, Mike Kinney, Benjamin McCormick, & Mary Popeck. Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update (CMU/SEI-2011-SR-016). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2011. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=9755

MLA

Chaki, Sagar., Creel, Rita., Davenport, Jeff., Kinney, Mike., McCormick, Benjamin., & Popeck, Mary. 2011. Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update (Technical Report CMU/SEI-2011-SR-016). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=9755