Skip to main content

3. What's the SAF?

Aaron LippoldJune 29, 2022About 1 min

3.1 SAF Scavenger Hunt

Explore the SAF homepage to find the answers to this scavenger hunt and familiarize yourself with the topics of this course. When you are done, check your answers!

1. What are the main pillars of the SAF?

The main pillars are:

  • Plan
  • Harden
  • Validate
  • Normalize
  • Visualize

The SAF helps teams plan what guidance will help them keep their software secure. It also provides libraries and tools for automatically hardening and validating software based on that guidance, normalizing other security data, and visualizing all the information to properly inform teams of risk and vulnerabilities.

2. Is SAF a tool? Why or why not?

No.

SAF, the Security Automation Framework, is a framework that uses a collection of tools, techniques, applications, and libraries to streamline security automation. Since teams operate in different environments with different components, not everyone's security journey will look the same.

Some notable tools within the Security Automation Framework are Vulcan, the SAF CLI, and Heimdall.
SAF Tools

3. What is OHDF?

OHDF, or the OASIS Heimdall Data Format, is a common format to represent normalized security data. OHDF files record vital security data about a completed validation test, such as the test code, description, attributes, and outcome. This allows for the aggregation and analysis of test results from a wide range of validation tools at once.

OHDF data can be easily visualized in Heimdall, the SAF's visualization application.

4. Which of the following is NOT a tool that SAF provides to help in the security automation process? (eMASS Client, InSpec, SAF CLI, Heimdall, Vulcan)

InSpec is more than a tool - it is a language developed by Chef that MITRE and other security community members use to write InSpec profiles, which are sets of controls for automating security validation. You can view InSpec profiles on the validation section of the SAF site. You can see more information on how to run InSpec profiles on the getting started section. The available tools are found under the "The MITRE SAF© Open Source Toolset" section of the site.

Edit this page on GitHub
Last update: 12/2/2024, 4:04:58 AM
Contributors: Shivani Karikar,Aaron Lippold,Will,dependabot[bot],wdower,Emily Rodriguez,Emily Rodriguez
Apache-2.0 | Copyright © 2022 - The MITRE Corporation
Copyright © 2024 Aaron Lippold