©

Plan

Choose, tailor, and create security configuration guidance appropriate for your mission

The Planning Capability 

The MITRE SAF© Plan capability ensures that teams implement, verify, and manage security automation aligned to an organization’s security requirements using appropriate security guidance documentation.

From Requirements to Baselines 

Security automation relies on effective processes that implement security requirements to deliver software in an approved configuration. MITRE SAF© streamlines the process of aligning security content (hardening and validation) to benchmarks or baselines that describe secure software configurations. Examples of baselines include the Center for Internet Security (CIS) Benchmarks and the US Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).

Tailoring Baselines for Security

Organizations must first identify appropriate security requirements to accomplish their mission objectives. These requirements help define which baseline (or set of baselines) best apply to their software components. Standard guidance or baselines should be tailored to meet the specific organizational policies and parameters for their mission and environment. Additionally, testing may reveal that fully configuring a system to a baseline would obstruct the system from performing its intended function.

Creating Security Automation Content

Best practice is to tightly bind all security automation activities back to the original security requirements. This will ensure that appropriate security configurations have not only been implemented and verified but also explains why those security measures were necessary.

Organizations can use the MITRE SAF© Vulcan© application to create, tailor, and manage security guidance documentation for software along with the relevant security automation content. This may include creating hardening scripts that implement the appropriate configuration to meet the security requirements as well as validation scripts that independently verify that the configuration has been implemented correctly (without making any changes to the software).

The MITRE SAF© Vulcan© Capability

Click here to learn how to start using Vulcan for creating and managing security guidance documentation and associated content.

Privacy Policy | MITRE
Deploys by Netlify

Copyright © 1997-2026, The MITRE Corporation. All rights reserved.

MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.