NSA co-hosting the 5th Annual IT Security Automation Conference

Registration is now open for the 5th Annual IT Security Automation Conference and Expo scheduled for October 26-29th at the Baltimore Convention Center. The four-day workshop, conference and expo, which is co-hosted with the National Institute of Standards and Technology (NIST), the Defense Information Systems Agency (DISA), and the Department of Homeland Security (DHS), will demonstrate the benefits of automation and standardization of vulnerability management, security management, and security compliance.

In the past, proprietary technologies and methodologies have made it difficult to collect, remediate, and report on mission critical systems and data. Over the past few years, the Vulnerability Analysis and Operations Group (VAO) in the Information Assurance Directorate (IAD) at the National Security Agency (NSA) has played a leadership role in developing security automation standards and fostering the adoption of security automation and security baselines across the DoD. For example, these standards include the Security Content Automation Protocol (SCAP), Common Vulnerability Enumeration (CVE) and the Federal Desktop Core Configuration (FDCC).

This year’s conference will showcase numerous SCAP-validated tools designed to simplify security management in DoD systems, increase interoperability in products, and reduce the cost of vulnerability management for our DoD customers.

Topics to be addressed will include the CND Data Pilot, SCAP validated tools, and emerging standards and specifications for security automation. Keynote speakers will include Tony Sager, NSA; Phil Reitinger, DHS; Richard Hale, DISA; and John Thompson, Symantec. Established by NIST five years ago with an attendance of less than 50 people, the conference is now jointly sponsored by NIST, NSA, DISA and the DHS. Attendance for the conference is expected to be over one thousand.