Awesome OSCAL, Now More Awesome with Content!
What’s Happening in the OSCAL World?
It has been an interesting few months in the OSCAL community. For those who follow the club on social media, like our own LinkedIn or Twitter posts or even the industry buzz more generally, you have likely observed a delightful new trend.
In those few months, more and more organizations are producing OSCAL content. NIST’s OSCAL Team, and the GSA FedRAMP program alongside them, were the few publicly producing OSCAL content, but no more. In the last few months, other important organizations in the cybersecurity industry have published.
We have seen the Center for Internet Security, U.S. government agencies like the Center for Medicare and Medicare Services, and even the Australian government’s Cyber Security Centre release their catalogs of security controls in OSCAL. These publications are in addition to many commercial entities advertising their use of OSCAL in the press.
What’s OSCAL Club Doing About It?
These are exciting times! We in OSCAL Club want to help maintain, maybe even increase, that momentum. With that in mind, we are going to extend Awesome OSCAL to include a content section.
- Are you an avid community member and found awesome content you want to share with the community? Do you present the organization publishing this content? Either way, open an issue and let us know!
- Do you have OSCAL content and you do not have a place to share it with the community? Whether you are an expert developer with perfectly well-formed, valid content or rough samples where you want community feedback to help improve, reach out to us at GitHub repository for examples. We will support you, help publish samples, and give you a place to collaboratively discuss and develop those examples.
Sharing is an important part of any community, and especially one centered on our beloved format designed to exchange data. We hope this step will help you join us on the worldwide OSCAL journey!