-
Tracking updates of cloud.google.com
-
In order for us to update the JAB on our compliance in a consistent way, we need to deliver a Continuous Monitoring report monthly (our standard due date is the 2nd of the month. If these dates fall o…
-
Increase retention of Elasticsearch domain `ES_APPLICATION_LOGS` type logs to 180 days.
This ticket was prompted from the review of audit log retention #5078
----
- [x] Security design review…
-
* **This is a ...**
- [ ] **concern** - I think something needs to be different.
- [X] **question** - I didn't understand something.
- [ ] **kudos** - I found something helpful and want to en…
-
# Describe the bug
Error in FedRAMP Validator requiring IPv6 if IPv4 prop is included.
# Who is the bug affecting?
Anyone submitting an oscal ssp that defined inventory with ipv4 but not ipv6…
-
* **This is a ...**
- [x] **concern** - I think something needs to be different.
- [ ] **question** - I didn't understand something.
- [ ] **kudos** - I found something helpful and want to en…
-
There needs to be something in the README about regulatory compliance.
Real "AI Safety" is traditional cybersecurity.
Hopefully in the near future there should be a @tinygrad library - simple fo…
-
Lula should default to generating OSCAL artifacts based on the input validated.
This will be blocked by the availability of golang supported OSCAL libraries for any OSCAL model required for this o…
-
# Describe the bug
If the accreditation boundary cloud-service-model is/contains iaas, the requirement for a leveraged authorization is still resulting in an error from the cli-validator
 form as a prerequisite to register CMS as a "minor application" in accordance with VA SOPs. Filename to complete by CMS tea…