oscal.md

Official Pages

• NIST

Vendor News

• https://aws.amazon.com/blogs/security/aws-achieves-the-first-oscal-format-system-security-plan-submission-to-fedramp/

Working Group

• https://github.com/GSA/fedramp-oscal-earlyadopters

Frameworks

• CIS 18

Blogs

• Using a continuous ATO for better compliance and real-time data
• An Orientation to OSCAL in the DevSecOps Pipeline - Oct 2022

Links Pages

• awesome-oscal -

Code

• https://github.com/usnistgov/OSCAL/

Tools

• GSA FedRAMP Automation
• https://github.com/RS-Credentive/oscal-pydantic
• https://github.com/CivicActions/ssp-toolkit
• https://github.com/oscal-compass/compliance-to-policy
• Trestle - an ensemble of tools that enable the creation, validation, and governance of documentation artifacts for compliance needs