
3. What's the SAF?

Aaron Lippold

3. SAF Scavenger Hunt

Explore the SAF homepage to find the answers to this scavenger hunt and familiarize yourself with the topics of this course. When you are done, check your answers!

1. What are the main pillars of the SAF?

The main pillars are

  • Plan
  • Harden
  • Validate
  • Normalize
  • Visualize

The SAF helps teams plan what guidance will help them keep their software secure. It also provides libraries and tools for automatically hardening and validating software based on that guidance, normalizing other security data, and visualizing all the information to properly inform teams of risk and vulnerabilities.

2. Is SAF a tool? Why or why not?

Nope!

SAF, the Security Automation Framework, is a Framework and uses a COLLECTION of tools, techniques, applications, and libraries to streamline security automation. Since teams operate in different environments with different components, not everyone's security journey will look the same.

Some notable tools within the Security Automation Framework are Vulcan, the SAF CLI, and Heimdall.

3. What is HDF?

HDF, or Heimdall Data Format, is a common format to represent normalized security data. HDF files record vital security data about a completed validation test, such as the test code, description, attributes, and outcome. This allows for the aggregation and analysis of test results from a wide range of validation tools at once.

HDF data can be easily visualized in Heimdall, the SAF's visualization application.
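
An added example, not part of the original course page or the SAF code base: a short Python script that reads an HDF-style results document and rolls each control's test results up into one outcome, the kind of aggregation a common format makes possible. The sample data is constructed, the field names (`profiles`, `controls`, `results`, `status`, `impact`) are assumed to follow the InSpec JSON reporter layout, and the roll-up rule is a simplification chosen for this example.

```python
import json
from collections import Counter

# Constructed sample, trimmed to the fields used here. Field names are assumed
# to follow the InSpec JSON reporter layout; all ids and values are made up.
SAMPLE_HDF = json.loads("""
{
  "profiles": [{
    "name": "example-baseline",
    "controls": [
      {"id": "EX-001", "title": "SSH root login is disabled", "impact": 0.7,
       "results": [{"status": "passed", "code_desc": "PermitRootLogin is expected to eq no"}]},
      {"id": "EX-002", "title": "Password max age is set", "impact": 0.5,
       "results": [{"status": "passed", "code_desc": "PASS_MAX_DAYS is expected to cmp <= 60"},
                   {"status": "failed", "code_desc": "shadow max_days is expected to all be <= 60"}]},
      {"id": "EX-003", "title": "Banner is reviewed manually", "impact": 0.5,
       "results": [{"status": "skipped", "code_desc": "Manual review required"}]},
      {"id": "EX-004", "title": "GUI settings", "impact": 0.0,
       "results": [{"status": "skipped", "code_desc": "No GUI installed"}]}
    ]
  }]
}
""")

def control_status(control):
    """Roll a control's test results up to one outcome (simplified, assumed rule)."""
    if control.get("impact", 0) == 0:
        return "Not Applicable"   # zero impact: the control does not apply here
    statuses = [r.get("status") for r in control.get("results", [])]
    if "failed" in statuses:
        return "Failed"           # one failing test fails the whole control
    if "passed" in statuses:
        return "Passed"
    return "Not Reviewed"         # only skipped tests, or no results recorded

def summarize(hdf):
    """Return ({control id: outcome}, Counter of outcomes) across all profiles."""
    per_control = {c["id"]: control_status(c)
                   for p in hdf.get("profiles", []) for c in p.get("controls", [])}
    return per_control, Counter(per_control.values())

if __name__ == "__main__":
    per_control, totals = summarize(SAMPLE_HDF)
    for cid, outcome in per_control.items():
        print(f"{cid}: {outcome}")
    print(dict(totals))
```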

4. Which of the following is NOT a tool that SAF provides to help in the security automation process? (eMASS Client, InSpec, SAF CLI, Heimdall, Vulcan)

InSpec is more than a tool - it is a language developed by Chef that MITRE and other security community members use to write InSpec profiles, which are sets of controls for automating security validation. You can view InSpec profiles on the validation section of the SAF site. You can see more information on how to run InSpec profiles on the getting started section. The available tools are found under the "The MITRE SAF© Open Source Toolset" section of the site.