On April 29th 2008, as a facility member of The Institute of Applied Network Security, Rocky DeStefano will be facilitating an Executive Roundtable for DC Area IT Execs around “What works in FDCC and SCAP”.

I’ve been asked by the Institute (IANETSEC) to facilitate a what works in SCAP and FDCC discussion.  This is a co-sponsored round-table event between the Institute and Tenable Network Security for Washington DC area IT Executives.  If you haven’t yet experienced these Institute of Applied Network Security events I encourage you to seek a local event out and give it a try.  The format was eye-opening to me and the benefits of this open dialogue are simply amazing.  As simple as it sounds, you put just enough smart minds in a room with a shared problem set and let them share lessons learned in a focused manner and you get real results… I love being involved in these discussions and can’t wait to attend on Tuesday!

Some NIST SCAP Resources:
1. NIST Presentations on SCAP
2. SCAP Checklists
3. SCAP Validated Products
4. SCAP Validation Program

Supporting my clients in DC, I live and breath FDCC, SCAP and recently I’ve been very focused on The Trusted Internet Connection (TIC) so I’m intrigued to see how other Federal entities solve (or are hoping to solve) the FDCC/SCAP issues they have.  I’ll leave TIC for another post and hopefully we can address it in a “What works” session in the future.  In any case.  I’ll post some of my lessons learned in an update to this post when I can!