The MITRE SAF© team, as part of the open source security community, has created training content to help the community learn more about the tools used by MITRE SAF©. Historically, this training focused on InSpec, the security compliance test language, so that security developers could learn how to write automated security tests. Participants benefited from and enjoyed the InSpec training, and continue to do so, but a need and desire arose to expand the training to include general content on how to use the MITRE SAF© and on security automation overall.
From this, the MITRE SAF© User class was born...
The MITRE SAF© User class describes the process of planning, hardening, validating, normalizing, and visualizing security data, giving participants an understanding of, and hands-on practice with, MITRE's Security Automation Framework©. The first class was given in September 2022, and several dozen people have taken the class since.
So what did they think about it?
Here are some thoughts from the participants themselves.
| Participant feedback | Role |
| --- | --- |
| "The most rewarding aspect was the capabilities (when understood) of being able to see the entire security posture of your system." | Information System Security Manager |
| "The most rewarding part was the ability to utilize MITRE SAF© to conduct automated compliance scans, harden and validate scan results." | Assessor |
| "I could see the output on the dashboard and how all the controls are listed." | Information System Security Officer |
| "The MITRE SAF© is a new way to automate some of the more tedious security processes" | Security Team Member |
| "We did demonstrations with targeting assets and saw functionality through the labs." | Compliance Lead |
| "The training was excellent; very clear and to the point." | Supervisor |
| "My takeaway is in the business of Security Assessment; MITRE SAF© takes care of the most important aspect which is defining the business logic of controls and managing compliance. This is amazing. The software development aspect of using InSpec may seem not as automated at the beginning, but the programming is made so much simpler with the availability of the InSpec Resources." | DevSecOps Lead |
Overall, participants took away practical skills for automating security assessments through hands-on examples to:
Check out the MITRE SAF© training content on the GitHub pages SAF Training site or the Netlify SAF Training site to go through the class content independently, and stay tuned for notices on live, instructor-led sessions of the same content. As for us, let us know what else you want to learn or how the training can be improved! Just like a new software release, we are always upgrading and learning more.