OSCAL-Based React Component Library & REST API

Begin your OSCAL journey with our open source projects today

What is OSCAL?

As government agencies and regulated industries evolve towards modern software development architectures and cloud environments, the current processes for documentation and assessment of security compliance must improve or will become an unsustainable bottleneck to delivering solutions.

NIST understands these challenges and has developed the Open Security Controls Assessment Language (OSCAL), a machine-readable language that allows security professionals to automate security assessment, auditing, and continuous monitoring processes, making systems’ authorization-to-operate processes and the overall risk management easier.

Our Contribution

Easy Dynamics has embraced, participated in, and contributed to this effort, and has now released a flexible modern direct view into OSCAL data in the form of a React Component Library and a draft REST API specification for interacting with models. Both of these projects are designed to support NIST’s efforts to standardize how security controls can be captured and collaborated across organizations.

We released these tools as open source projects to give back to the OSCAL community, provide non-technical IT decision-makers a way to interact with OSCAL, and promote the early adoption of emerging technologies for improving the entire compliance process.

Our Offering

OSCAL React Component Library

A library of reusable React components that, when assembled, can render catalogs, profiles, components, and SSPs.

Follow on GitHub

The OSCAL React library will help to:

  • Provide options for UI developers to build a custom OSCAL viewer
  • Accelerate the development of user interfaces of a customized OSCAL viewer

OSCAL REST API

A REST API that describes how systems might manipulate catalogs, profiles, components, and SSPs.

Follow on GitHub

The OSCAL REST API will help to:

  • Drive conversation around integrations and interaction with OSCAL models
  • Define relationships and scope of objects within systems

How Did We Get Here?

Read the Blog

Looking Ahead

Our plans do not stop here. We are continuing the development on other OSCAL-related projects, primarily focused on the control and implementation of OSCAL layers, and hope to release at least some of those as open source projects in the future.

We encourage you to join us as active contributors in the OSCAL community and these open source projects to help with the successful adoption and implementation of OSCAL going forward.


Contact Us

 Are you looking to implement these technologies, or have questions? Send us a note.