Attached below is a Pre-Decisional, Discussion Draft DHS Continuous Monitoring document. According to DHS,
The attached technical requirements for continuous monitoring and cloud boundary defense serve as a proposed path forward for implementing federal information systems and cloud cybersecurity.
From: SANS Institute
DHS Releases Detailed Specification for Software Tools for Continuous
Monitoring and Cloud Boundary Protection Automation (June 25, 2012) In a meeting at the Wilber Cohen Auditorium in Washington this morning DHS officials rolled out and explained the new Federal Continuous Monitoring and Cloud Boundary Defense product and service specifications. Every major security vendor and integrator was in the room, along with many smaller vendors. (The feds had been briefed yesterday.) The vendors were highly complimentary, saying it was the first time they had seen any specifications from DHS that were as thorough and well thought out as these. A few vendors privately expressed concern that their engineers had “a lot of work to do to meet these specs.” The DHS specifications are likely to set the global benchmark for tools that automate continuous monitoring and mitigation. It will be very hard for any security software vendor to sell products if their products cannot meet these specs, especially because the President put $200 million in the 2014 US budget to buy automation tools for continuous monitoring.
DHF.Draft_Technical_Requirements
Leave a Reply