Greg Witte, Melanie Cook, Matt Kerr, Shane Shaffer
New York : McGraw-Hill, c2012
xviii, 269 p. : ill. ; 23 cm
Achieve a unified view of security across your IT infrastructure using the cutting-edge techniques contained in this authoritative volume. Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with SCAP lays out comprehensive technical, administrative, and operational strategies for security management. Discover how to define baseline requirements, automatically confirm patches and updates, identify vulnerabilities, write customized auditing content, and evaluate compliance across your enterprise. Throughout, the authors provide detailed case studies and tips on selecting appropriate security components. Understand SCAP (Security Content Automation Protocol) technologies and standards ; Track compliance using benchmarks and scoring systems ; Build machine-readable configuration checks using XCCDF, OVAL, and OCIL ; Perform vulnerability assessments and find misconfiguration ; Maximize product interoperability through the use of standard enumeration ; Assess and monitor residual risk using CVSS values ; Use SCAP editors and XML to create and debug automated checks ; Accurately assess threats using software assurance automation. -- From back cover
PART I SECURITY AUTOMATION ESSENTIALS : A Case for Automation ; What is SCAP?