Brandt Keller
Brandt Keller
Enable option in the CLI to accept which profile is being evaluated in an OSCAL file.
Does the version of oscal impact lula runtime? Test and document
After renaming the project, we'll need to re-record the live-cluster and static-manifest demo files and render those into gif's.
Placeholder for dropping improvements to the implementation of the OPA provider and how we use the OPA SDK to-date. Wanting to evaluate the implementation more and see if we can...
Investigate, document (here), and develop the generation of an SSP template that derives data from other OSCAL data sources that Lula already consumes. - Component Definitions - Security Assessment Results...
Within a reasonable execution - Lula should support performing validations (Per implemented-requirement) in a concurrent manner to help drive efficiency where possible. Previously we had concurrency built-into the opa validation...
As the code-base continues to grow - the boundaries between functions should begin to firm - and with that understanding where transient data should be generic vs specific. Investigate transient...
Investigate the value in breaking down new findings during evaluation by whether they are satisfied / not-satisfied for quick feedback on new control information.
How will we handle a scenario where two components implement the same control but only 1 needs to pass because of something like redundancy.
Given the Security Assessment Results model [here](https://pages.nist.gov/OSCAL/resources/concepts/layer/assessment/assessment-results/#assessment-results-organization) the `Results` is an array of `result` objects which look to be Point-In-Time artifacts for an assessment (cycle).