The SAF User Class provides understanding and hands-on practical use of MITRE's Security Automation Framework with a focus on automating security validation and visualization.

• Identify and locate security guidance for a software component
• Understand the capabilities available in the main pillars of the MITRE Security Automation Framework - Plan, Harden, Validate, Normalize, Visualize
• Visualize InSpec results and third party security tool data
• Define and run an InSpec profile to validate a component against a security guide
• Automatically export checklist results from a security assessment

See below for the class recording from the SAF User Class taught on November 1st, 2023.

The SAF Guidance Developer Class teaches participants how security guidance fits in the security validation lifecycle and equips them with the tools and knowledge to create and use security guidance.

• Identify and locate security guidance for a software component.
• Differentiate between different types of security guidance, such as SRGs and STIGs.
• Create tailored security guidance using Vulcan.
• Classify security requirements as Applicable - Configurable, Applicable - Inherently Meets, Applicable - Does Not Meet, Not Applicable, or Not Yet Determined for a given software component.
• Export security guidance as InSpec stubs to assist in automated security validation.
• Understand how STIG-ready content can be formally peer reviewed by DISA and published to the security community
• Create guidance with Vulcan to support Authority To Operate (ATO) efforts

See below for the class recording from the SAF Guidance Developer Class taught on November 2nd, 2023.

The SAF Beginner Security Automation Developer Class teaches the fundamentals of how to develop security validation content, particularly through hands-on examples developing InSpec profiles. Note that since InSpec tests are written in the Ruby language, basic knowledge of Ruby and CLI familiarity is required.

• Describe the InSpec framework and its capabilities
• Describe the architecture of an InSpec profile
• Build an InSpec profile to transform security policy into automated security testing
• Inherit controls from existing profile baselines into your profiles to avoid rework
• Run an InSpec profile against a target - a component of an application stack
• View and analyze InSpec results
• Report Results
• Create concise, human-readable control output using RSpec syntax in InSpec profiles

See below for a class recording.

The SAF Advanced Security Automation Developer Class provides a deep dive into InSpec's advanced capabilities, such as resource development and how to insert InSpec testing into an automated security pipeline.

See below for a class recording.