-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
added links to BT source code and user guide
- Loading branch information
1 parent
7be81c3
commit 8221c62
Showing
1 changed file
with
150 additions
and
206 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,207 +1,151 @@ | ||
<?xml version="1.0" encoding="UTF-8"?><html xmlns="http://www.w3.org/1999/xhtml"> | ||
|
||
<head> | ||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> | ||
|
||
<title>Security Content and Tools</title> | ||
<link href="nist_github_header.css" rel="stylesheet" type="text/css" /> | ||
|
||
<link href="styles.css" rel="stylesheet" type="text/css" /><script async="async" id="_fed_an_ua_tag" src="https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=NIST&subagency=github&pua=UA-42404149-54&yt=true&exts=ppsx,pps,f90,sch,rtf,wrl,txz,m1v,xlsm,msi,xsd,f,tif,eps,mpg,xml,pl,xlt,c" type="text/javascript"></script> | ||
</head> | ||
|
||
<body> | ||
|
||
<!-- empty p needed for xmltask --> | ||
|
||
<div class="nist-header"> | ||
|
||
<h1> | ||
<a class="nist-logo" href="http://www.nist.gov/" target="_blank" title="Go to nist.gov">National Institute of Standards and Technology</a> | ||
|
||
</h1> | ||
|
||
<div class="nist-links"> | ||
<a class="nist-links-button" href="http://www.nist.gov" target="_blank">NIST Website</a> | ||
<a class="nist-links-button mobile-hide" href="http://www.nist.gov/public_affairs/nandyou.cfm" target="_blank">About NIST</a> | ||
<a class="nist-links-button mobile-hide" href="https://github.com/usnistgov" target="_blank">usnistgov on Github</a> | ||
|
||
</div> | ||
|
||
</div> | ||
<p></p> | ||
|
||
<h1>Security Content and Tools</h1> | ||
|
||
<p>This site contains a collection of free and publicly available software and data resources | ||
created from the <a href="https://github.com/usnistgov/sctools">sctools</a> GitHub repository. Also included are links to relevant publications. These resources | ||
supplement and complement those available from the <a href="https://nvd.nist.gov">National Vulnerability Database</a>. Also included are links to relevant publications. | ||
<?xml version="1.0" encoding="utf-8" standalone="no"?> | ||
<html xmlns="http://www.w3.org/1999/xhtml"> | ||
<head> | ||
<title>Security Content and Tools</title> | ||
<link href="nist_github_header.css" rel="stylesheet" type="text/css"/> | ||
<link href="styles.css" rel="stylesheet" type="text/css"/> | ||
<script async="async" id="_fed_an_ua_tag" src="https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=NIST&subagency=github&pua=UA-42404149-54&yt=true&exts=ppsx,pps,f90,sch,rtf,wrl,txz,m1v,xlsm,msi,xsd,f,tif,eps,mpg,xml,pl,xlt,c" type="text/javascript"/> | ||
</head> | ||
<body> | ||
<!-- empty p needed for xmltask --> | ||
<div class="nist-header"> | ||
<h1> | ||
<a class="nist-logo" href="http://www.nist.gov/" target="_blank" title="Go to nist.gov">National Institute of Standards and Technology</a> | ||
</h1> | ||
<div class="nist-links"> | ||
<a class="nist-links-button" href="http://www.nist.gov" target="_blank">NIST Website</a> | ||
<a class="nist-links-button mobile-hide" href="http://www.nist.gov/public_affairs/nandyou.cfm" target="_blank">About NIST</a> | ||
<a class="nist-links-button mobile-hide" href="https://github.com/usnistgov" target="_blank">usnistgov on Github</a> | ||
</div> | ||
</div> | ||
<p/> | ||
<h1>Security Content and Tools</h1> | ||
<p>This site contains a collection of free and publicly available software and data resources created from the <a href="https://github.com/usnistgov/sctools">sctools</a> GitHub repository. Also included are links to relevant publications. These resources supplement and complement those available from the <a href="https://nvd.nist.gov">National Vulnerability Database</a>. Also included are links to relevant publications. </p> | ||
<h2>Software</h2> | ||
<dl> | ||
<dt> | ||
<a href="bt.xml"> | ||
<img alt="needle and thread" src="images/Needle_and_thread_silhouette.svg"/>Baseline Tailor</a> | ||
</dt> | ||
<dd>A tool for using the <a href="http://www.nist.gov/cyberframework/">Cybersecurity Framework</a> and for tailoring <a href="http://csrc.nist.gov/groups/SMA/fisma/controls.html">Special Publication 800-53 security controls</a>. Documentation is <a href="http://dx.doi.org/10.6028/NIST.IR.8130">here</a>. | ||
<ul> | ||
<li> | ||
<a href="http://dx.doi.org/10.6028/NIST.IR.8130">User guide</a> | ||
</li> | ||
<li> | ||
<a href="https://github.com/usnistgov/sctools/releases">Source code</a> (for deploying on your own server or filesystem)</li> | ||
</ul> | ||
</dd> | ||
</dl> | ||
<h2>Publications</h2> | ||
<p>Lubell, J. <q>Extending the Cybersecurity Digital Thread with XForms.</q> Balisage Series on Markup Technologies, vol. 15 (2015). doi:<a href="http://dx.doi.org/10.4242/BalisageVol15.Lubell01">10.4242/BalisageVol15.Lubell01</a>.</p> | ||
<p>Lubell, J. <q>Integrating Top-down and Bottom-up Cybersecurity Guidance using XML.</q> Balisage Series on Markup Technologies, vol. 17 (2016). doi:<a href="http://dx.doi.org/10.4242/BalisageVol17.Lubell01">10.4242/BalisageVol17.Lubell01</a>.</p> | ||
<p>Lubell, J. <q>Baseline Tailor User Guide.</q> NISTIR 8130. National Institute of Standards and Technology (2016). doi:<a href="http://dx.doi.org/10.6028/NIST.IR.8130">10.6028/NIST.IR.8130</a>.</p> | ||
<h2>Data and Schemas</h2> | ||
<table border="1" cellpadding="2"> | ||
<thead> | ||
<tr> | ||
<td/> | ||
<td> | ||
<strong>Data</strong> | ||
</td> | ||
<td> | ||
<strong> | ||
<a href="http://www.w3.org/TR/xmlschema-0/">XML Schema</a> | ||
</strong> | ||
</td> | ||
<td> | ||
<strong> | ||
<a href="http://relaxng.org/">RELAX NG</a> | ||
</strong> | ||
</td> | ||
<td> | ||
<strong> | ||
<a href="http://www.schematron.com/">Schematron</a> | ||
</strong> | ||
</td> | ||
</tr> | ||
</thead> | ||
<tbody> | ||
<tr> | ||
<td> | ||
<strong>Cybersecurity Framework Core</strong> | ||
</td> | ||
<td> | ||
<a href="bt-model/core.xml">core.xml</a> | ||
</td> | ||
<td> | ||
<a href="schemas/core.xsd">core.xsd</a> | ||
</td> | ||
<td> | ||
<a href="schemas/core.rnc">core.rnc</a> | ||
</td> | ||
<td>N/A</td> | ||
</tr> | ||
<tr> | ||
<td> | ||
<strong>Framework Profile</strong> | ||
</td> | ||
<td>Generated by<br/>Baseline Tailor</td> | ||
<td> | ||
<a href="schemas/profile.xsd">profile.xsd</a> | ||
</td> | ||
<td> | ||
<a href="schemas/profile.rnc">profile.rnc</a> | ||
</td> | ||
<td>N/A</td> | ||
</tr> | ||
<tr> | ||
<td> | ||
<strong>Tailored Baseline</strong> | ||
</td> | ||
<td>Generated by<br/>Baseline Tailor</td> | ||
<td> | ||
<a href="schemas/tailored.xsd">tailored.xsd</a> | ||
</td> | ||
<td> | ||
<a href="schemas/tailored.rnc">tailored.rnc</a> | ||
</td> | ||
<td> | ||
<a href="schemas/tailored-schematron.xml">tailored-schematron.xml</a> | ||
</td> | ||
</tr> | ||
<tr> | ||
<td> | ||
<strong>NIST Special Publication 800-53<br/>Security Controls</strong> | ||
</td> | ||
<td colspan="2"> | ||
<a href="https://nvd.nist.gov/800-53">Database and XML Downloads</a> | ||
</td> | ||
<td>N/A</td> | ||
<td>N/A</td> | ||
</tr> | ||
</tbody> | ||
</table> | ||
<div class="footer"> | ||
<p> | ||
|
||
Last updated: <span class="updated">2017/09/01</span> | ||
<br/> | ||
|
||
Contact: <strong> | ||
<a href="mailto:[email protected]">Joshua | ||
Lubell</a> | ||
</strong> | ||
|
||
</p> | ||
|
||
<h2>Software</h2> | ||
|
||
<dl> | ||
|
||
<dt><a href="bt.xml"><img alt="needle and thread" src="images/Needle_and_thread_silhouette.svg" />Baseline Tailor</a></dt> | ||
|
||
<dd>A tool for using the <a href="http://www.nist.gov/cyberframework/">Cybersecurity Framework</a> and for tailoring <a href="http://csrc.nist.gov/groups/SMA/fisma/controls.html">Special Publication 800-53 security controls</a>. Documentation is <a href="http://dx.doi.org/10.6028/NIST.IR.8130">here</a>. | ||
|
||
</dd> | ||
|
||
</dl> | ||
|
||
<h2>Publications</h2> | ||
|
||
<p>Lubell, J. <q>Extending the Cybersecurity Digital Thread with XForms.</q> Balisage Series on Markup Technologies, vol. 15 (2015). doi:<a href="http://dx.doi.org/10.4242/BalisageVol15.Lubell01">10.4242/BalisageVol15.Lubell01</a>. | ||
</p> | ||
|
||
<p>Lubell, J. <q>Integrating Top-down and Bottom-up Cybersecurity Guidance using XML.</q> Balisage Series on Markup Technologies, vol. 17 (2016). doi:<a href="http://dx.doi.org/10.4242/BalisageVol17.Lubell01">10.4242/BalisageVol17.Lubell01</a>. | ||
</p> | ||
|
||
<p>Lubell, J. <q>Baseline Tailor User Guide.</q> NISTIR 8130. National Institute of Standards and Technology (2016). doi:<a href="http://dx.doi.org/10.6028/NIST.IR.8130">10.6028/NIST.IR.8130</a>. | ||
</p> | ||
|
||
<h2>Data and Schemas</h2> | ||
|
||
<table border="1" cellpadding="2"> | ||
|
||
<thead> | ||
|
||
<tr> | ||
|
||
<td></td> | ||
|
||
<td><strong>Data</strong></td> | ||
|
||
<td><strong><a href="http://www.w3.org/TR/xmlschema-0/">XML Schema</a></strong></td> | ||
|
||
<td><strong><a href="http://relaxng.org/">RELAX NG</a></strong></td> | ||
|
||
<td><strong><a href="http://www.schematron.com/">Schematron</a></strong></td> | ||
|
||
</tr> | ||
|
||
</thead> | ||
|
||
<tbody> | ||
|
||
<tr> | ||
|
||
<td><strong>Cybersecurity Framework Core</strong></td> | ||
|
||
<td><a href="bt-model/core.xml">core.xml</a></td> | ||
|
||
<td><a href="schemas/core.xsd">core.xsd</a></td> | ||
|
||
<td><a href="schemas/core.rnc">core.rnc</a></td> | ||
|
||
<td>N/A</td> | ||
|
||
</tr> | ||
|
||
<tr> | ||
|
||
<td><strong>Framework Profile</strong></td> | ||
|
||
<td>Generated by<br />Baseline Tailor | ||
</td> | ||
|
||
<td><a href="schemas/profile.xsd">profile.xsd</a></td> | ||
|
||
<td><a href="schemas/profile.rnc">profile.rnc</a></td> | ||
|
||
<td>N/A</td> | ||
|
||
</tr> | ||
|
||
<tr> | ||
|
||
<td><strong>Tailored Baseline</strong></td> | ||
|
||
<td>Generated by<br />Baseline Tailor | ||
</td> | ||
|
||
<td><a href="schemas/tailored.xsd">tailored.xsd</a></td> | ||
|
||
<td><a href="schemas/tailored.rnc">tailored.rnc</a></td> | ||
|
||
<td><a href="schemas/tailored-schematron.xml">tailored-schematron.xml</a></td> | ||
|
||
</tr> | ||
|
||
<tr> | ||
|
||
<td><strong>NIST Special Publication 800-53<br />Security Controls</strong></td> | ||
|
||
<td colspan="2"><a href="https://nvd.nist.gov/800-53">Database and XML Downloads</a></td> | ||
|
||
<td>N/A</td> | ||
|
||
<td>N/A</td> | ||
|
||
</tr> | ||
|
||
</tbody> | ||
|
||
</table> | ||
|
||
<div class="footer"> | ||
|
||
<p> | ||
|
||
Last updated: <span class="updated">2017/08/31</span><br /> | ||
|
||
Contact: <strong><a href="mailto:[email protected]">Joshua | ||
Lubell</a></strong> | ||
|
||
|
||
</p> | ||
|
||
</div> | ||
|
||
<p></p> | ||
<div> | ||
|
||
<hr /> | ||
|
||
<p style="color:#777"> | ||
PLEASE NOTE: This is an experimental website. NIST does not endorse the views expressed, | ||
or necessarily concur with the information presented on these sites. Further, NIST | ||
does not endorse any commercial products that may be mentioned on these sites. All | ||
the material on this website is in the public domain and is intended for unrestricted | ||
use by interested parties, including any text, diagrams, or images, unless indicated | ||
explicitly. | ||
</p> | ||
|
||
<p style="color:#777">This website represents components defined in the NIST Framework for Improving Critical | ||
Infrastructure Cybersecurity and security controls and associated assessment procedures | ||
defined in NIST SP 800-53 Revision 4 Recommended Security Controls for Federal Information | ||
Systems and Organizations. For any discrepancies noted in the content between this | ||
website and the latest published NIST Cybersecurity Framework or Special Publication | ||
SP 800-53 Revision 4, please defer to the official published documents that are posted | ||
on <a href="http://csrc.nist.gov" target="_blank">http://csrc.nist.gov</a>. | ||
</p> | ||
|
||
<p style="color:#777">Certain commercial equipment, instruments, materials, systems, software, and trade | ||
names may be identified throughout this site in order to specify or identify technologies | ||
adequately. Such identification is not intended to imply recommendation or endorsement | ||
by NIST or any other party, nor is it intended to imply that the systems or products | ||
identified are necessarily the best available for the purpose. All data and other | ||
information posted on this site is provided as a public service and is provided 'AS | ||
IS.' NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, | ||
WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR | ||
PURPOSE, NON-INFRINGEMENT AND DATA ACCURACY. | ||
</p> | ||
|
||
<p style="color:#777">By selecting external links, you will be leaving NIST webspace. Links to other websites | ||
are provided because they may have information that would be of interest to you. No | ||
inferences should be drawn on account of other sites being referenced, or not, from | ||
this page. There may be other websites that are more appropriate for your purpose. | ||
</p> | ||
<br /><a href="http://www.nist.gov/public_affairs/privacy.cfm#privpolicy" target="_blank">Privacy Policy</a> | <a href="http://www.nist.gov/public_affairs/privacy.cfm#secnot" target="_blank">Security Notice</a> | <a href="http://www.nist.gov/public_affairs/privacy.cfm#accesstate" target="_blank">Accessibility Statement</a> | <a href="mailto:[email protected]?subject=Feedback%20on%20NISTGithubPages">Send feedback</a> | ||
|
||
</div> | ||
|
||
|
||
</body> | ||
|
||
</html> | ||
</div> | ||
<p/> | ||
<div> | ||
<hr/> | ||
<p style="color:#777"> | ||
PLEASE NOTE: This is an experimental website. NIST does not endorse the views expressed, or necessarily concur with the information presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. All the material on this website is in the public domain and is intended for unrestricted use by interested parties, including any text, diagrams, or images, unless indicated explicitly.</p> | ||
<p style="color:#777">This website represents components defined in the NIST Framework for Improving Critical Infrastructure Cybersecurity and security controls and associated assessment procedures defined in NIST SP 800-53 Revision 4 Recommended Security Controls for Federal Information Systems and Organizations. For any discrepancies noted in the content between this website and the latest published NIST Cybersecurity Framework or Special Publication SP 800-53 Revision 4, please defer to the official published documents that are posted on <a href="http://csrc.nist.gov" target="_blank">http://csrc.nist.gov</a>.</p> | ||
<p style="color:#777">Certain commercial equipment, instruments, materials, systems, software, and trade names may be identified throughout this site in order to specify or identify technologies adequately. Such identification is not intended to imply recommendation or endorsement by NIST or any other party, nor is it intended to imply that the systems or products identified are necessarily the best available for the purpose. All data and other information posted on this site is provided as a public service and is provided 'AS IS.' NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT AND DATA ACCURACY.</p> | ||
<p style="color:#777">By selecting external links, you will be leaving NIST webspace. Links to other websites are provided because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose.</p> | ||
<br/> | ||
<a href="http://www.nist.gov/public_affairs/privacy.cfm#privpolicy" target="_blank">Privacy Policy</a> | <a href="http://www.nist.gov/public_affairs/privacy.cfm#secnot" target="_blank">Security Notice</a> | <a href="http://www.nist.gov/public_affairs/privacy.cfm#accesstate" target="_blank">Accessibility Statement</a> | <a href="mailto:[email protected]?subject=Feedback%20on%20NISTGithubPages">Send feedback</a> | ||
</div> | ||
|
||
</body> | ||
</html> |