This talk covers the background and technologies used in the development of the Open Source System Integrity Management Platform (SIMP). The project is designed for automating operational compliance of Red Hat and CentOS-based systems with DoD, Federal, and Commercial regulations including, but not limited to, NIST 800-53, DISA STIGs, and PCI-DSS. Originally released as Open Source by the National Security Agency, the SIMP community is working toward an extendable platform that can help public and private systems meet regulatory requirements.
Regulatory Compliance with Open Source Software
Submitted by JonathanD on 2017, June 20 - 21:58
One of the co-founders of Onyx Point, Inc., Trevor has been working in various security, systems administration, and automation related fields for over 20 years. Recently, he has been focusing on automated compliance for Federal and commercial systems and helped start Open Source SIMP project to help provide that capability to the widest audience possible.