Skip to content

OSCAL output support #11

@rdwj

Description

@rdwj

Support NIST OSCAL (Open Security Controls Assessment Language) output to feed automated ATO pipelines such as Trestle and Lula.

Acceptance Criteria:

  • Generate OSCAL Assessment Results JSON
  • Map findings to OSCAL observation and finding structures
  • Include control implementation status per NIST 800-53 control
  • Validate output against OSCAL JSON schema
  • stigcode export oscal --input results.sarif --output assessment-results.json
  • Document integration with Trestle and Lula workflows

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestoutputOutput format generationpriority:lowLow priority

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions