U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

NISTIR 8011 Vol. 3

Automation Support for Security Control Assessments: Software Asset Management

Date Published: December 2018

Author(s)

Kelley Dempsey (NIST), Nedim Goren (NIST), Paul Eavy (DHS), George Moore (APL)

Abstract

Keywords

actual state; assessment; authorization boundary; automation; capability; continuous diagnostics and mitigation; dashboard; defect; desired state specification; firmware; information security continuous monitoring; ISCM; inventory management; malicious code; malware; mitigation; mobile code; ongoing assessment; root cause analysis; security capability; security control; security control item; software; software asset management; software file; SWID tag; whitelisting
Control Families

Assessment, Authorization and Monitoring; Risk Assessment

Documentation

Publication:
NISTIR 8011 Vol. 3 (DOI)
Local Download

Supplemental Material:
None available

Other Parts of this Publication:
NISTIR 8011 Vol. 1
NISTIR 8011 Vol. 2
NISTIR 8011 Vol. 4

Related NIST Publications:
SP 800-53A Rev. 4
SP 800-53 Rev. 4

Document History:
04/05/18: NISTIR 8011 Vol. 3 (Draft)
12/06/18: NISTIR 8011 Vol. 3 (Final)