Anca Sailer | The Blog Pros

September 16, 2022

Compliance Automated Standard Solution (COMPASS), Part 2: Trestle SDK

In part 1 of this multi-part blog series on continuous compliance, we detailed the personas and their role in the compliance processes. We concluded that the key to achieving compliance automation and hence continuous compliance is the compliance artifacts programmatic representation, as code, expressed in generic and standard security language terms.

In this blog post, we introduce Trestle, our open-source implementation of the NIST Open Security Control Assessment Language (OSCAL) standard framework adopted as a workflow automation of compliance artifacts managed as compliance as code. Trestle enables those diverse personas to collaboratively author the compliance artifacts and offers a platform and OSCAL SDK for teams to automate their specific native processes and formats. Trestle implicitly provides a core opinionated workflow driven by its pipeline to allow standardized interlocks with other compliance tooling platforms.

September 15, 2022

Compliance Automated Standard Solution (COMPASS), Part 1: Personas and Roles

This is the first part of our series of blog posts illustrating the challenges that organizations and cloud providers face when trying to achieve continuous compliance. The series will provide the key concepts, technologies, and industry standards that lead the way toward an operational, scalable, and effective end-to-end solution.

We will start by introducing the compliance personas and their roles and actions in the compliance processes. Understanding the personas, their roles, and needs is key to the design and architectural decisions for the Governance, Risk, and Compliance (GRC) automation detailed in our follow-up blog posts.

Cybersecurity path
In Networking
Does Anyone know how a beginner like me in tech can start learning cyber security or starting a career in cyber engineering? […]
GBase 8a Implementation Guide: Performance Optimization
No categories
1. Hardware Configuration Recommendations CPU Ensure the BIOS settings are in non-power-saving mode to prevent the CPU from throttling. For servers using Intel CPUs that are not deployed in a multi-instance environment, it is recommended to disable the... […]
Build an Advanced RAG App: Query Rewriting
No categories
In the last article, I established the basic architecture for a basic RAG app. In case you missed that, I recommend that you first read that article. That will set the base from which we can improve our RAG system. Also in that last article, I listed s... […]
Extracting YouTube Channel Statistics in Python Using YouTube Data API
In Computer Science
Are you interested in finding out what a YouTube channel mostly discusses? Do you want to analyze YouTube videos of a specific channel? If yes, we are in the same boat. YouTube video titles are a great way to determine the channel's primary focus. Plotting a word cloud or a ... […]
Contexts in Go: A Comprehensive Guide
No categories
Contexts in Go provide a standard way to pass metadata and control signals between goroutines. They are mainly used to manage task execution time, data passing, and operation cancellation. This article covers different types of contexts in Go and examp... […]