From c166619591ce7e03ff39a665bbef3e957470bc5a Mon Sep 17 00:00:00 2001 From: Marilyn Nguyen Date: Thu, 6 Feb 2025 15:24:18 -0500 Subject: [PATCH] Update Events Calendar and Mini Workshop Page Details --- src/content/events/_index.md | 35 ++++++-- .../presentations/mini-workshop/_index.md | 88 +++++++++++-------- 2 files changed, 79 insertions(+), 44 deletions(-) diff --git a/src/content/events/_index.md b/src/content/events/_index.md index daf2df54..4c7d31e6 100644 --- a/src/content/events/_index.md +++ b/src/content/events/_index.md @@ -13,7 +13,7 @@ menu: ## Calendar -The NIST OSCAL Team has a public calendar for the community to keep current with the meetings above and other public events hosted by the team. +The NIST OSCAL Team has a public calendar for the community to keep current with the meetings above and other public events hosted by the team. You can access the [web version of this calendar by clicking this link](https://outlook.office365.com/owa/calendar/97cb6b6254524d86aa63c32b74bd1337@nist.gov/494010486be740b3a9bb16964e8992e016522353741654500565/calendar.html) or configure your calendar application [with this iCalendar (ICS) file](https://outlook.office365.com/owa/calendar/97cb6b6254524d86aa63c32b74bd1337@nist.gov/494010486be740b3a9bb16964e8992e016522353741654500565/calendar.ics). @@ -26,7 +26,8 @@ You can access the [web version of this calendar by clicking this link](https://

Open on the web

-

Open the calendar on the web to immediately see this month's events without configuring it in an application on your computer or mobile device.

+

Open the calendar on the web to immediately see this month's events without need to configure it in an application on your computer or mobile device.

+

For more event details, simply click the TinyURL link provided in the event's location.

-## Recurring Events Details -The NIST OSCAL team hosts meetings and other events with the OSCAL community on different topics. -- **OSCAL DEFINE Meeting**: A monthly meeting on the third Thursday of every month to discuss the research and educational pursuits of OSCAL using an iterative and collaborative approach with the community. [The meeting page](../contribute/define-meeting/) has meeting information as well as slides and notes from past sessions. -- **OSCAL Model Engineering Meeting**: A bi-weekly meeting to discuss OSCAL models, how they are developed, and development efforts by NIST staff and the greater OSCAL community using them. [The meeting page](../contribute/model-engineering-meeting/) has meeting information as well as slides and notes from past sessions. +## Recurring Events Details + +The NIST OSCAL team hosts meetings and other events with the OSCAL community on different topics. We encourage you to attend these meetings as a way to keep up-to-date on and contribute to the development of OSCAL. +

+- ### **OSCAL Mini Workshops** + The NIST OSCAL team is hosting a new series of mini workshops, that aims to address topics of interests for our community and to open tihs forum for its members to present their OSCAL-related work. Unless specifically states, the workshops will not require a deep technical understanding of OSCAL, and the dialogue is informal, allowing the community to interact with the presenters and with the OSCAL team members. + + **[The Mini Workshops page](../learn/presentations/mini-workshop/)** contains a masterlist of all mini-workshop recordings and presentation slides. + + **For up-to-date information about the workshops, please visit our [OSCAL CSRC](https://csrc.nist.gov/projects/open-security-controls-assessment-language/oscal-adopters-workshops) page.** + + #### Don't miss out on the next session-simply click on the Zoom link to join: [Zoom Link](https://nist.zoomgov.com/j/1609845104?pwd=eENkemtvbGdETkJ4UnpCY2F1QlgxZz09) + + Meeting ID: 160 984 5104 + + Passcode: 10782510 +# -We encourage you to attend these meetings as a way to keep up-to-date on and contribute to the development of OSCAL. + +- ### **OSCAL Conference Details** + These OSCAL conference workshops will provide attendees an opportunity to familiarize themselves and build skills in the development and use of OSCAL. We encourage developers of control-oriented security tools, and organizations that want to use or create OSCAL-based information, to register and attend the workshop. + - [4th NIST OSCAL Workshop](../learn/presentations/oscal-workshop-2023-04) - May 23, 2023 + - [3rd NIST OSCAL Workshop](../learn/presentations/oscal-workshop-2022-03) - March 1-2, 2022 + - [2nd NIST OSCAL Workshop](../learn/presentations/oscal-workshop-2021-02) - February 2-3, 2021 + - [1st NIST OSCAL Workshop](../learn/presentations/OSCAL-workshop-20191105.pdf) - November 5, 2019 diff --git a/src/content/learn/presentations/mini-workshop/_index.md b/src/content/learn/presentations/mini-workshop/_index.md index 219b3bcf..0323ba1f 100644 --- a/src/content/learn/presentations/mini-workshop/_index.md +++ b/src/content/learn/presentations/mini-workshop/_index.md @@ -36,61 +36,75 @@ We encourage proposals from a diverse array of organizations and individuals wit Please find below the calendar of proposed dates. Before submitting a proposal, please consult the calendar and indicate the preferred date with your submission and the duration of your presentation (60 min, including Q&A). We will do our best to update the calendar as soon as a submission is approved. Submit your proposal via email to [oscal@nist.gov](mailto:oscal@nist.gov), with the subject line: “OSCAL Workshop - [Date: yyyy/mm/dd]”, where the “Date” is the selected date from the calendar below. Please include in your submission a pre-assessment of the OSCAL knowledge level the audience will need using a 4-levels scale with level one (L1/bronze) being equivalent to novice and level four (L4/platinum) being an OSCAL expert. +# +--- +## Attend the Next Mini Workshop Event +We'd love for you to be a part of our upcoming virtual OSCAL Mini Workshop! These engaging workshops are held monthly, typically around the middle of the month. **For up-to-date information about the workshops, please visit our [OSCAL CSRC](https://csrc.nist.gov/projects/open-security-controls-assessment-language/oscal-adopters-workshops) page.** + +**Visit our [Events Page](../../../events/)** to explore an interactive web calendar and download our iCalendar for seamless access to both upcoming and past events. + +#### Don't miss out on the next upcoming session! Simply click on the Zoom link to join: [Zoom Link](https://nist.zoomgov.com/j/1609845104?pwd=eENkemtvbGdETkJ4UnpCY2F1QlgxZz09) + +Meeting ID: 160 984 5104 + +Passcode: 10782510 +# -[Join the meetings here](https://bluejeans.com/743906781/9254) or dial one of the following numbers: -+1.202.795.3352,,, 743 906 781 ,,, 9254 (United States (Washington DC)) -+1.408.317.9254,,, 743 906 781 ,,, 9254 (US (San Jose)) -(To see all available numbers, go to: [https://www.bluejeans.com/numbers](https://www.bluejeans.com/numbers)) -Enter the meeting ID and passcode as follows: -Meeting ID: 743 906 781 -Participant Passcode: 9254 +--- + +## Workshops Calendar: jump to: [2025](#2025), [2024](#2024), [2023](#2023), [2022](#2022) + +### 2025 +| Date | Time | Talk/Demo/Discussion | Presenter & Affiliation | Type | +| :--: | :--: | :------------------: | :---------------------: | :--: | +| **2025/2/19** | 11:00AM-12:00PM EDT | The OSCAL Implementer's Guide: Strategies, Lessons, and Best Practices | **Macy Smith**, Vice President & Co Founder, *USAI*; **Matthew Coughlin**, Information System Security Officer, *USAI* | *Recording will be available after the workshop concludes.* | +| **2025/1/15** | 11:00AM-12:00PM EDT | From One-Size-Fits-All to Right-Sizing: Adapting OSCAL for the Singapore Government's Tech Standards | **Hunter Nield**, Distinguished Engineer, *GovTech Singapore*; **Eugene Lim**, Lead Cybersecurity Engineer, *GovTech Singapore* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2025/1.15.2025_GovTechSingapore.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2025/PART1_1.15.2025_GovTech.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2025/PART2_1.15.2025_GovTech.mp4), [video part 3](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2025/PART3_1.15.2025_GovTech.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2025/CAPTIONS_1.15.2025_GovTech.txt) | -## Workshops Calendar: jump to: [2024](#2024), [2023](#2023), [2022](#2022) ### 2024 | Date | Time | Talk/Demo/Discussion | Presenter & Affiliation | Type | | :--: | :--: | :------------------- | :---------------------- | :--: | -| **2024/1/14** | 11:00AM-12:00PM EDT | A Developer's View of OSCAL - Experiences and recommendations for implementing OSCAL Libraries | **Rob Sherwood**, Principal Consultant, *Credentive Security* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2024/oscal-mini-workshops/20240117-Sherwood-Programmers%20view%20of%20OSCAL.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part1_1.17.2024_A-developers-view-of-oscal_R.Sherwood.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part2_1.17.2024_A-developers-view-of-oscal_R.Sherwood.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Captions_1.17.2024_R.Sherwood.txt) | -| **2024/02/15** | 11:00AM-12:00PM EDT | PwC Compliance as Code with OSCAL | **Tom Nash**, PwC, *UK*; **Joshua Kong**, PwC, *UK* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2024/oscal-mini-workshops/20240221-Nash-PWC-OSCAL%20Demo%20for%20NIST_Slides_Nov-2023.pdf) | -| **2024/03/20** | 11:00AM-12:00PM EDT | OSCAL Community Capabilities | **Brian Ruf**, Director of Cybersecurity, *Easy Dynamics*; **Chris Robles**, CTO Strategic Advisor, Security and Product Development (Consultant), *Easy Dynamics*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/documents/20240320-%20ED-OSCAL%20Community%20Capabilities%202024-03-20.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part1_3.20.2024_Easy-Dynamics_OSCAL-Community-Collaboration.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part2_3.20.2024_Easy-Dynamics_OSCAL-Community-Collaboration.mp4), [video part 3](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part3_3.20.2024_Easy-Dynamics_OSCAL-Community-Collaboration.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/3.20.2024_OSCAL-Community-Capabilities-Captions.txt) | -| **2024/04/03 SPECIAL EDITION** | 11:00AM-12:00PM EDT | Streamlining CMMC Compliance Deliverables with OSCAL | **Kenny Scott**, Co-Founder & CEO, *Paramify* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Streamlining%20CMMC%20Deliverables%20with%20OSCAL%20(1).pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Paramity-Kenny_Scott_2024.04.03_withcaption.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/documents/oscal-mini-workshop-22-Paramify/Paramity-Kenny_Scott_2024.04.03.cc.vtt) | -| **2024/04/17** | 11:00AM-12:00PM EDT | Automated Governance - Modular Assessments for Quick Feedback Loops | **Brandt Keller**, OSS Maintainer, *Defense Unicorns* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Automated%20Governance%20-%20Modular%20Assessments%20V2.pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/DefenseUnicorns_20240417_withcaptions_part1.mp4), [demo](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/DefenseUnicorns_20240417_withcaptions_part2.mp4) | -| **2024/05/15** | 11:00AM-12:00PM EDT | Adoption of OSCAL in ServiceNow CAM (Continuous Authorization & Monitoring)| **Dharav Devani**, *ServiceNow*; **Ayush Srivanstava**, *ServiceNow*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Adoption%20of%20OSCAL%20-%20ServiceNow%20CAM.pdf)| -| **2024/06/05 SPECIAL EDITION** | 11:00AM-12:00PM EDT | ATO as Code - Enabling Cybersecurity Modernization Through Risk Management Framework Compliance Automation | **Gaurav Pal**, *stackArmor* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/ACT-IAC_Cyber_COI-%20ATOasCode.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/part1_2024.6.05_ATO-as-code.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/part2_2024.6.05_ATO-as-code.mp4), [video part 3](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/part3_2024.6.05_ATO-as-code.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/ATO-as-code_2024.6.05_Transcript.txt) | -| **2024/06/20** | 11:00AM-12:00PM EDT | Automating Compliance Narratives and Artifacts in AWS | **Rick Kidder*, USN (Ret), Senior Certified Cloud Security Specialist, *AWS* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2024.06.20_SHCA_OSCAL%20Presentation.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part-1_2024.06.20_Automating-Compliance-AWS-Rick_Kidder.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part-2_2024.06.20_Automating-Compliance-AWS-Rick_Kidder.mp4), [video part 3](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part-3_2024.06.20_Automating-Compliance-AWS-Rick_Kidder.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Automating-Compliance-AWS-Rick_Kidder_2024.06.20.transcript.vtt) | -| **2024/07/17** | 11:00AM-12:00PM EDT | OSCAL-COMPASS - Open Security Control Assessment Language Compliance Automated Standard Solution | **Vikas Agarwal**, Senior Research Scientist, *IBM*; **Manjiree Gadgil**, Engineering Manager, *IBM*; **Jenn Power**, Senior Product Security Engineer, *RedHat*; **Anca Sailer**, Distinguised Engineer, *IBM*; **Takumi Yanagawa**, Senior Engineer, *IBM*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/7.17.2024_oscal-compass-End-to-End.pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/7.17.2024_IBM-Redhat_OSCAL-COMPASS.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/7.17.2024_IBM-Redhat_Captions.txt)| -| **2024/09/18** | 11:00AM-12:00PM EDT | Digital Authorizations: FedRAMP Modernization using OSCAL | **David Waltermire**, *FedRAMP*; **Rene-Claude Tshiteya**, *FedRAMP*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/OSCAL%20Mini%20Workshop%20Series%20Presentation%209.18.2024.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part1_9.18.2024_FedRAMP.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part2_9.18.2024_FedRAMP.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/9.18.2024_FedRAMP_CAPTIONS.txt) | -| **2024/11/06 SPECIAL EDITION** | 11:00AM-12:00PM EDT | Compliance Framework: An OSCAL-based framework for recording and reporting an audit state | **Ian Miell**, Partner, *Container Solutions*; **Christiaan Vermeulen**, Principal Consultant, *Container Solutions* | [presentation](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/11.06.2024_ContainerSolutions.pdf), [video part 1](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/PART1_11.06.2024_ContainerSolutions.mp4), [video part 2](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/PART2_11.06.2024_ContainerSolutions.mp4), [transcript](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/CAPTIONS_11.06.2024_ContainerSolutions.txt) | | **2024/11/20** | 11:00AM-12:00PM EDT | Leveraging OSCAL to support cybersecurity lifecycle management | **Sara Nieves Matheu Garcia**, Post Doctoral Researcher, *University of Murcia, Spain*; **Antonio Skarmeta**, Full Professor, *University of Murcia, Spain* | [presentation](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/11.06.2024_COBALT.pdf), [video part 1](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/PART1_11.20.2024_COBALT.mp4), [video part 2](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/PART2_11.20.2024_COBALT.mp4), [video part 3](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/PART3_11.20.2024_COBALT.mp4), [transcript](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/CAPTIONS_11.20.2024_COBALT.txt) | +| **2024/11/06 SPECIAL EDITION** | 11:00AM-12:00PM EDT | Compliance Framework: An OSCAL-based framework for recording and reporting an audit state | **Ian Miell**, Partner, *Container Solutions*; **Christiaan Vermeulen**, Principal Consultant, *Container Solutions* | [presentation](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/11.06.2024_ContainerSolutions.pdf), [video part 1](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/PART1_11.06.2024_ContainerSolutions.mp4), [video part 2](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/PART2_11.06.2024_ContainerSolutions.mp4), [transcript](https://cms.csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/CAPTIONS_11.06.2024_ContainerSolutions.txt) | +| **2024/09/18** | 11:00AM-12:00PM EDT | Digital Authorizations: FedRAMP Modernization using OSCAL | **David Waltermire**, *FedRAMP*; **Rene-Claude Tshiteya**, *FedRAMP*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/OSCAL%20Mini%20Workshop%20Series%20Presentation%209.18.2024.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part1_9.18.2024_FedRAMP.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part2_9.18.2024_FedRAMP.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/9.18.2024_FedRAMP_CAPTIONS.txt) | +| **2024/07/17** | 11:00AM-12:00PM EDT | OSCAL-COMPASS - Open Security Control Assessment Language Compliance Automated Standard Solution | **Vikas Agarwal**, Senior Research Scientist, *IBM*; **Manjiree Gadgil**, Engineering Manager, *IBM*; **Jenn Power**, Senior Product Security Engineer, *RedHat*; **Anca Sailer**, Distinguised Engineer, *IBM*; **Takumi Yanagawa**, Senior Engineer, *IBM*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/7.17.2024_oscal-compass-End-to-End.pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/7.17.2024_IBM-Redhat_OSCAL-COMPASS.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/7.17.2024_IBM-Redhat_Captions.txt)| +| **2024/06/20** | 11:00AM-12:00PM EDT | Automating Compliance Narratives and Artifacts in AWS | **Rick Kidder*, USN (Ret), Senior Certified Cloud Security Specialist, *AWS* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2024.06.20_SHCA_OSCAL%20Presentation.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part-1_2024.06.20_Automating-Compliance-AWS-Rick_Kidder.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part-2_2024.06.20_Automating-Compliance-AWS-Rick_Kidder.mp4), [video part 3](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part-3_2024.06.20_Automating-Compliance-AWS-Rick_Kidder.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Automating-Compliance-AWS-Rick_Kidder_2024.06.20.transcript.vtt) | +| **2024/06/05 SPECIAL EDITION** | 11:00AM-12:00PM EDT | ATO as Code - Enabling Cybersecurity Modernization Through Risk Management Framework Compliance Automation | **Gaurav Pal**, *stackArmor* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/ACT-IAC_Cyber_COI-%20ATOasCode.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/part1_2024.6.05_ATO-as-code.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/part2_2024.6.05_ATO-as-code.mp4), [video part 3](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/part3_2024.6.05_ATO-as-code.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/ATO-as-code_2024.6.05_Transcript.txt) | +| **2024/05/15** | 11:00AM-12:00PM EDT | Adoption of OSCAL in ServiceNow CAM (Continuous Authorization & Monitoring)| **Dharav Devani**, *ServiceNow*; **Ayush Srivanstava**, *ServiceNow*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Adoption%20of%20OSCAL%20-%20ServiceNow%20CAM.pdf)| +| **2024/04/17** | 11:00AM-12:00PM EDT | Automated Governance - Modular Assessments for Quick Feedback Loops | **Brandt Keller**, OSS Maintainer, *Defense Unicorns* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Automated%20Governance%20-%20Modular%20Assessments%20V2.pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/DefenseUnicorns_20240417_withcaptions_part1.mp4), [demo](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/DefenseUnicorns_20240417_withcaptions_part2.mp4) | +| **2024/04/03 SPECIAL EDITION** | 11:00AM-12:00PM EDT | Streamlining CMMC Compliance Deliverables with OSCAL | **Kenny Scott**, Co-Founder & CEO, *Paramify* | [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Streamlining%20CMMC%20Deliverables%20with%20OSCAL%20(1).pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Paramity-Kenny_Scott_2024.04.03_withcaption.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/documents/oscal-mini-workshop-22-Paramify/Paramity-Kenny_Scott_2024.04.03.cc.vtt) | +| **2024/03/20** | 11:00AM-12:00PM EDT | OSCAL Community Capabilities | **Brian Ruf**, Director of Cybersecurity, *Easy Dynamics*; **Chris Robles**, CTO Strategic Advisor, Security and Product Development (Consultant), *Easy Dynamics*| [presentation](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/documents/20240320-%20ED-OSCAL%20Community%20Capabilities%202024-03-20.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part1_3.20.2024_Easy-Dynamics_OSCAL-Community-Collaboration.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part2_3.20.2024_Easy-Dynamics_OSCAL-Community-Collaboration.mp4), [video part 3](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part3_3.20.2024_Easy-Dynamics_OSCAL-Community-Collaboration.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/3.20.2024_OSCAL-Community-Capabilities-Captions.txt) | +| **2024/02/15** | 11:00AM-12:00PM EDT | PwC Compliance as Code with OSCAL | **Tom Nash**, PwC, *UK*; **Joshua Kong**, PwC, *UK* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2024/oscal-mini-workshops/20240221-Nash-PWC-OSCAL%20Demo%20for%20NIST_Slides_Nov-2023.pdf) | +| **2024/1/14** | 11:00AM-12:00PM EDT | A Developer's View of OSCAL - Experiences and recommendations for implementing OSCAL Libraries | **Rob Sherwood**, Principal Consultant, *Credentive Security* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2024/oscal-mini-workshops/20240117-Sherwood-Programmers%20view%20of%20OSCAL.pdf), [video part 1](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part1_1.17.2024_A-developers-view-of-oscal_R.Sherwood.mp4), [video part 2](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Part2_1.17.2024_A-developers-view-of-oscal_R.Sherwood.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/Captions_1.17.2024_R.Sherwood.txt) | ### 2023 | Date | Time | Talk/Demo/Discussion | Presenter & Affiliation | Type | | :--: | :--: | :------------------- | :---------------------- | :--: | -| **2023/02/01 SPECIAL EDITION** | 11:00AM-12:00PM EDT | A Modern Authorization and Accreditation Platform Enabled by OSCAL | **John Tibbits**, Principal, *IMPLERUS Corporation*; **Marcin Staszewski**, Chief Development Officer, *IMPLERUS Corporation* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-9-implerus/Synergeo%20PPT-v1.4%20NIST%2031-JAN-2023%20v3.pdf), [video & demo](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.01.2023_Modern-Authorization-and-Accreditation_John-Tibbitts.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.15.2023_Googles-Internal-OSCAL-Adoption_CAPTIONS.txt) | -| 2023/02/15 | 11:00AM-12:00PM EDT | Google's Internal OSCAL Adoption | **Vikram Khare**, Director – Continuous Assurance and Controls Engineering, *Google*; **Val Mihai**, Cloud CISO - Continuous Assurance and Controls Engineering, *Google* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-10-Google/Google_OSCAL_Presentation.pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.15.2023_Googles-Internal-OSCAL-Adoption_VKhare-VMihai.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.15.2023_Googles-Internal-OSCAL-Adoption_CAPTIONS.txt) | -| **2023/03/01 SPECIAL EDITION** | 11:00AM-12:00PM EDT | Shifting Left the Right Way With OSCAL (research use case and proof of concept) | **Chris Compton**, Senior IT Specialist, *NIST*; **Alexander Stein**, Senior IT Specialist, *NIST*; **Nikita Wootten**, Project Lead, IT Specialist, *NIST* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-11-NIST-Blossom/Presentation.ACSAC.2022.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/3.01.2023_Shifting-Left-the-Right-Way-with-OSCAL.mp4), [demo](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/DEMO_3.01.2023_Shifting-left-the-right-way-with-OSCAL.mp4), [presentation transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/3.01.2023_Shifting-left-the-right-way_Presentation_Transcript.txt), [demo transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/DEMO_3.01.2023_shifting-left-the-right-way_TRANSCRIPT.txt) | +| **2023/11/15** | 11:00AM-12:00PM EDT | Cyber Compliance Management Platform | **Tom Nash**, PwC, *UK*; **Siva Mallampati**, PwC, *UK*; **Salma Bedair**, PwC, *UK*; **Joshua Kong**, PwC, *Middle East*, **Shereef Assem**, PwC, *Middle East* | [presentation](https://csrc.nist.gov/csrc/media/presentations/OSCAL%20Demo%20for%20NIST_Slides69.pdf) | +| **2023/10/18** | 11:00AM-12:00PM EDT | OSCAL-Pydantic: A python library for OSCAL | **Robert Sherwood**, Principal Consultant, *Credentive Security* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-17-Rob_Sherwood/OSCAL-Pydanticv-%20notes.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-17-Rob_Sherwood/10.18.2023_OSCAL-Pydantic.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-17-Rob_Sherwood/10.18.2023_OSCAL-Pydantic_Captions.txt) | +| **2023/09/20** | 11:00AM-12:00PM EDT | OSCAL in an Enterprise Context | **JJ Contessa**, COO, *C1Secure*; **Vijay Addicam**, Senior Developer, *C1Secure*; **Todd Hughes**, Senior Security Analyst, *C1Secure*; **Steve Grogan**, VP of Services| [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/An%20Enterprise%20Platform%20Perspective%20-%20September%202023_c1secure_updated.pdf), [video part 1](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/PART-1_9.20.2023_C1service.mp4), [video part 2](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/PART-2_9.20.2023_C1Secure.mp4), [transcript part 1](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/9.20.2023_C1Secure-Transcript-P1.txt), [transcript part 2](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/9.20.2023_C1secure_Transcript-P2.txt) | +| **2023/08/23** | 11:00AM-12:00PM EDT | Step-by-Step Introduction to NIST's OSCAL-CLI Tool | **Alexander Stein**, OSCAL Technical Director, *NIST* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-15-NIST/OSCAL-CLI_20230823.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-15-NIST/8.23.2023_Step-by-Step-Intro-to-OSCAl-CLI_AJ.Stien.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-15-NIST/8.23.23_Step-by-step-to-OSCAL-CLI_CAPTIONS.txt) | +| **2023/07/19** | 11:00AM-12:00PM EDT | Tracer - Accelerating ATOs at Scale with an Inheritance-driven Community Compliance Platform | **Clark Pain**, Product Manager, *Rise8* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/Tracer_Presentation_2023-07-19_orig.mp4), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/7.19.2023_Tracer_C.Pain.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/7.19.2023_Tracer_C.Plain_CAPTIONS.txt), [demo](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/Tracer_Demo.mov) | +| **2023/05/17** | 11:00AM-12:00PM EDT | Applying OSCAL in the Context of Public Key Infrastructure | **Robert Sherwood**, Principal Consultant, *Credentive Security* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-13-FPKI/FPKI-OSCAL%2Bnotes.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-13-FPKI/5.17.2023_FedPKI-OSCAL_R.Sherwood.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-13-FPKI/5.17.2023_FPKI-OSCAL_CAPTIONS.txt) | | **2023/03/15** | 11:00AM-12:00PM EDT | Telos's Journey of Bringing OSCAL Adoption to Reality | **Stephanie Lacy**, Senior Solution Architect, *Telos*; **Connor Hite**, Solution Architect, *Telos* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-12-Telos/OSCALInheritance.pptx), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-12-Telos/3.15.2023_TELOS-XACTA.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-12-Telos/3.15.2023_TELOS-XACTA.txt) | -| 2023/05/17 | 11:00AM-12:00PM EDT | Applying OSCAL in the Context of Public Key Infrastructure | **Robert Sherwood**, Principal Consultant, *Credentive Security* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-13-FPKI/FPKI-OSCAL%2Bnotes.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-13-FPKI/5.17.2023_FedPKI-OSCAL_R.Sherwood.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-13-FPKI/5.17.2023_FPKI-OSCAL_CAPTIONS.txt) | -| 2023/07/19 | 11:00AM-12:00PM EDT | Tracer - Accelerating ATOs at Scale with an Inheritance-driven Community Compliance Platform | **Clark Pain**, Product Manager, *Rise8* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/Tracer_Presentation_2023-07-19_orig.mp4), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/7.19.2023_Tracer_C.Pain.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/7.19.2023_Tracer_C.Plain_CAPTIONS.txt), [demo](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-14-Rise8/Tracer_Demo.mov) | -| 2023/08/23 | 11:00AM-12:00PM EDT | Step-by-Step Introduction to NIST's OSCAL-CLI Tool | **Alexander Stein**, OSCAL Technical Director, *NIST* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-15-NIST/OSCAL-CLI_20230823.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-15-NIST/8.23.2023_Step-by-Step-Intro-to-OSCAl-CLI_AJ.Stien.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-15-NIST/8.23.23_Step-by-step-to-OSCAL-CLI_CAPTIONS.txt) | -| 2023/09/20 | 11:00AM-12:00PM EDT | OSCAL in an Enterprise Context | **JJ Contessa**, COO, *C1Secure*; **Vijay Addicam**, Senior Developer, *C1Secure*; **Todd Hughes**, Senior Security Analyst, *C1Secure*; **Steve Grogan**, VP of Services| [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/An%20Enterprise%20Platform%20Perspective%20-%20September%202023_c1secure_updated.pdf), [video part 1](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/PART-1_9.20.2023_C1service.mp4), [video part 2](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/PART-2_9.20.2023_C1Secure.mp4), [transcript part 1](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/9.20.2023_C1Secure-Transcript-P1.txt), [transcript part 2](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-16-C1Security/9.20.2023_C1secure_Transcript-P2.txt) | -| 2023/10/18 | 11:00AM-12:00PM EDT | OSCAL-Pydantic: A python library for OSCAL | **Robert Sherwood**, Principal Consultant, *Credentive Security* | [presentation](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-17-Rob_Sherwood/OSCAL-Pydanticv-%20notes.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-17-Rob_Sherwood/10.18.2023_OSCAL-Pydantic.mp4), [transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-17-Rob_Sherwood/10.18.2023_OSCAL-Pydantic_Captions.txt) | -| 2023/11/15 | 11:00AM-12:00PM EDT | Cyber Compliance Management Platform | **Tom Nash**, PwC, *UK*; **Siva Mallampati**, PwC, *UK*; **Salma Bedair**, PwC, *UK*; **Joshua Kong**, PwC, *Middle East*, **Shereef Assem**, PwC, *Middle East* | [presentation](https://csrc.nist.gov/csrc/media/presentations/OSCAL%20Demo%20for%20NIST_Slides69.pdf) | +| **2023/03/01 SPECIAL EDITION** | 11:00AM-12:00PM EDT | Shifting Left the Right Way With OSCAL (research use case and proof of concept) | **Chris Compton**, Senior IT Specialist, *NIST*; **Alexander Stein**, Senior IT Specialist, *NIST*; **Nikita Wootten**, Project Lead, IT Specialist, *NIST* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-11-NIST-Blossom/Presentation.ACSAC.2022.pdf), [video](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/3.01.2023_Shifting-Left-the-Right-Way-with-OSCAL.mp4), [demo](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/DEMO_3.01.2023_Shifting-left-the-right-way-with-OSCAL.mp4), [presentation transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/3.01.2023_Shifting-left-the-right-way_Presentation_Transcript.txt), [demo transcript](https://csrc.nist.gov/csrc/media/presentations/2023/oscal-mini-workshop-11-NIST-Blossom/DEMO_3.01.2023_shifting-left-the-right-way_TRANSCRIPT.txt) | +| **2023/02/15** | 11:00AM-12:00PM EDT | Google's Internal OSCAL Adoption | **Vikram Khare**, Director – Continuous Assurance and Controls Engineering, *Google*; **Val Mihai**, Cloud CISO - Continuous Assurance and Controls Engineering, *Google* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-10-Google/Google_OSCAL_Presentation.pdf), [video](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.15.2023_Googles-Internal-OSCAL-Adoption_VKhare-VMihai.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.15.2023_Googles-Internal-OSCAL-Adoption_CAPTIONS.txt) | +| **2023/02/01 SPECIAL EDITION** | 11:00AM-12:00PM EDT | A Modern Authorization and Accreditation Platform Enabled by OSCAL | **John Tibbits**, Principal, *IMPLERUS Corporation*; **Marcin Staszewski**, Chief Development Officer, *IMPLERUS Corporation* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2023/oscal-mini-workshop-9-implerus/Synergeo%20PPT-v1.4%20NIST%2031-JAN-2023%20v3.pdf), [video & demo](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.01.2023_Modern-Authorization-and-Accreditation_John-Tibbitts.mp4), [transcript](https://csrc.nist.gov/csrc/media/Projects/open-security-controls-assessment-language/images-media/2.15.2023_Googles-Internal-OSCAL-Adoption_CAPTIONS.txt) | ### 2022 | Date | Time | Talk/Demo/Discussion | Presenter & Affiliation | Type | Knowledge Level | | :---:|:----:|:-------------------- |:----------------------- |:----:|:---------------:| -| 2022/05/18 | 11:00AM-11:40AM EDT | 1. Compliance as Code for Big Bang Risk Management Framework (RMF) Control Mapping to Accelerate Department of Defense (DoD) Authorization to Operate (ATO) | Maj Camdon Cady, Chief Operating Officer, Platform One, US Airforce & Tom Runyon, Defense Unicorns | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-1-P1_DoD%2BNIST/P1%20OSCAL%20PA%20Approved.pdf) | L2 | -| | 11:40AM-12:00PM EDT | 2. OSCAL Catalog Authoring Tool (CAT) | Dmitry Cousin, NIST |[presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-1-P1_DoD%2BNIST/OSCAL-CAT_Dmitry-Cousin.pdf) demo | L1 | -| 2022/06/15 | 11:00AM-12:00PM EDT | IBM's Trestle - compliance as code orchestrator and automation workflow | Dr. Anca Sailer [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-2-ibm-s-trestle/images-media/IBM-Trestle-part1-ASailer-2022-06-15-caption.mp4), Dr. Vikas Agarwal [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-2-ibm-s-trestle/images-media/IBM-Trestle-part2-VAgarwal-2022-06-15-caption.mp4), and Lou DeGenaro [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-2-ibm-s-trestle/images-media/IBM-Trestle-part3-LDegenaro-2022-06-15-caption.mp4)| [presentation](trestle-agile-authoring.pdf) & [demo summary](trestle-agile-authoring-demo.pdf) | L4 | -| 2022/07/13 | 11:00AM-12:00PM EDT | OSCAL Implementation: Early Lessons Learned [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-3-aws/images-media/AWS%2BTelos_2022-07-13_captions.mp4) | Matthew Donkin, Security Assurance Manager, AWS & Stephanie Lacy, Senior Solutions Architect, Telos| [presentation](aws+telos-lessons_learned.pdf) | L3 | -| 2022/08/10 | 11:00AM-12:00PM EDT | Extreme Automation with OSCAL - Exercising the Full OSCAL Stack in a Next Generation GRC [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-20220810-regscale/images-media/RegScale_2022-08-10_caption.mp4) | Travis Howerton, Co-Founder & CTO, RegScale | [presentation](regscale-extreme_automation.pdf) & demo | L1-L3 | -| 2022/09/07 | 11:00AM-12:00PM EDT | NIST OSCAL Open Source Tooling | David Waltermire, OSCAL Technical Director, Dmitry Cousin, OSCAL team member, NIST | [video p1&p2](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-5-nist-20220907/NIST-OSCAL-Tools-HD.mp4), presentation1, [presentation2](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-5-nist-20220907/OSCAL-CAT_Dmitry-Cousin.pdf) & demos | L1-L3 | -| 2022/10/05 | 11:00AM-12:00PM EDT | Compliance as Code - from Upstream to Ops | Brandt Keller, Software Engineer, Defense Unicorns | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/P1%20OSCAL%20PA%20Approved_10.2022.pdf) & demo | L2-L3 | -| 2022/11/02 | 11:00AM-12:00PM EDT | Implementing an Agency Security Assessment Framework (SAF) with OSCAL "ComplianceOps" | Robert Ficcaglia, CNCF Kubernetes Policy Co-Chair, CNCF Security Technical Advisory Group Lead Assessor, Kubernetes SIG-Security Audit Team | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-7-CNCF/images-media/OSCAL%20Mini%20Workshop%2011-2022-NEW.pdf), [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-7-CNCF/images-media/CNCF-Roberrt-Ficcaglia-2022-11-02-captions.mp4), [transcript](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-7-CNCF/images-media/CNCF-Roberrt_Ficcaglia_2022-11-02-caption.pdf) | L1-L3 | -| 2022/11/30 | 11:00AM-12:00PM EDT | The OSCAL Futurist: Musing on What Is Possible and What is Needed | Greg Elin, Founder & CEO, GovReady PBC | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-8-GovReady/images-media/OSCAL-Futurist-Nov-30-2022%20v2.pdf), [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-8-GovReady/images-media/GovReady-Greg_Elin-2022-11-30.mp4), [transcript](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-8-GovReady/images-media/GovReady-Greg_Elin-2022-11-30_caption.pdf) | L2-L3 | +| **2022/11/30** | 11:00AM-12:00PM EDT | The OSCAL Futurist: Musing on What Is Possible and What is Needed | **Greg Elin**, Founder & CEO, *GovReady PBC* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-8-GovReady/images-media/OSCAL-Futurist-Nov-30-2022%20v2.pdf), [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-8-GovReady/images-media/GovReady-Greg_Elin-2022-11-30.mp4), [transcript](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-8-GovReady/images-media/GovReady-Greg_Elin-2022-11-30_caption.pdf) | L2-L3 | +| **2022/11/02** | 11:00AM-12:00PM EDT | Implementing an Agency Security Assessment Framework (SAF) with OSCAL "ComplianceOps" | **Robert Ficcaglia**, CNCF Kubernetes Policy Co-Chair, CNCF Security Technical Advisory Group Lead Assessor, *Kubernetes SIG-Security Audit Team* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-7-CNCF/images-media/OSCAL%20Mini%20Workshop%2011-2022-NEW.pdf), [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-7-CNCF/images-media/CNCF-Roberrt-Ficcaglia-2022-11-02-captions.mp4), [transcript](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-7-CNCF/images-media/CNCF-Roberrt_Ficcaglia_2022-11-02-caption.pdf) | L1-L3 | +| **2022/10/05** | 11:00AM-12:00PM EDT | Compliance as Code - from Upstream to Ops | **Brandt Keller**, Software Engineer, *Defense Unicorns* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/P1%20OSCAL%20PA%20Approved_10.2022.pdf) & demo | L2-L3 | +| **2022/09/07** | 11:00AM-12:00PM EDT | NIST OSCAL Open Source Tooling | **David Waltermire**, OSCAL Technical Director, *NIST*; **Dmitry Cousin**, OSCAL Team Member, *NIST* | [video p1&p2](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-5-nist-20220907/NIST-OSCAL-Tools-HD.mp4), presentation1, [presentation2](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-5-nist-20220907/OSCAL-CAT_Dmitry-Cousin.pdf) & demos | L1-L3 | +| **2022/08/10** | 11:00AM-12:00PM EDT | Extreme Automation with OSCAL - Exercising the Full OSCAL Stack in a Next Generation GRC [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-20220810-regscale/images-media/RegScale_2022-08-10_caption.mp4) | **Travis Howerton**, Co-Founder & CTO, *RegScale* | [presentation](regscale-extreme_automation.pdf) & demo | L1-L3 | +| **2022/07/13** | 11:00AM-12:00PM EDT | OSCAL Implementation: Early Lessons Learned [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-3-aws/images-media/AWS%2BTelos_2022-07-13_captions.mp4) | **Matthew Donkin**, Security Assurance Manager, *AWS*; **Stephanie Lacy**, Senior Solutions Architect, *Telos*| [presentation](aws+telos-lessons_learned.pdf) | L3 | +| **2022/06/15** | 11:00AM-12:00PM EDT | IBM's Trestle - compliance as code orchestrator and automation workflow | **Dr. Anca Sailer** [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-2-ibm-s-trestle/images-media/IBM-Trestle-part1-ASailer-2022-06-15-caption.mp4); **Dr. Vikas Agarwal** [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-2-ibm-s-trestle/images-media/IBM-Trestle-part2-VAgarwal-2022-06-15-caption.mp4); **Lou DeGenaro** [video](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-2-ibm-s-trestle/images-media/IBM-Trestle-part3-LDegenaro-2022-06-15-caption.mp4)| [presentation](trestle-agile-authoring.pdf) & [demo summary](trestle-agile-authoring-demo.pdf) | L4 | +| **2022/05/18** | 11:00AM-11:40AM EDT | 1. Compliance as Code for Big Bang Risk Management Framework (RMF) Control Mapping to Accelerate Department of Defense (DoD) Authorization to Operate (ATO) | **Maj Camdon Cady**, Chief Operating Officer, *Platform One, US Airforce*; **Tom Runyon**, *Defense Unicorns* | [presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-1-P1_DoD%2BNIST/P1%20OSCAL%20PA%20Approved.pdf) | L2 | +| **2022/05/18** | 11:40AM-12:00PM EDT | 2. OSCAL Catalog Authoring Tool (CAT) | **Dmitry Cousin**, OSCAL Team Member, *NIST* |[presentation](https://csrc.nist.gov/csrc/media/Presentations/2022/oscal-mini-workshop-1-P1_DoD%2BNIST/OSCAL-CAT_Dmitry-Cousin.pdf) demo | L1 |