My Internship Experience: Xacta 360 and Beyond
(Part 3)
I collaborated with my team on Xacta 360, an innovative risk management and compliance platform. Together, we navigated the challenges of learning this new software, where I honed my data manipulation skills, contributed to security control implementation, and gained insights into cybersecurity standards like CCIs and NIST.
In this final stage of my internship, I worked with an application software called Xacta 360, a comprehensive risk management and compliance automation platform. This software was entirely new to the whole team, and it was an exciting opportunity for us to embark on a collective learning journey together. While I didn't have the luxury of having my own Xacta 360 license and dedicated project, I made the most of my time by collaborating with various team members on their projects involving the software.
A key aspect of my involvement with Xacta 360 was the manipulation of data within the software and aiding in the implementation of different security controls. To do this effectively, I closely examined Security System Plans (SSPs) and employed my critical thinking skills to determine the relevance and applicability of each control. The SSP I reviewed belonged to the FARO Freestyle group within my department. FARO Freestyle is a handheld 3D laser scanner produced by FARO Technologies, a company known for its 3D measurement and imaging solutions. I extracted a spreadsheet from Xacta, carefully refined and updated the information using the SSPs, and then imported it back into the software. Gaining a practical understanding of how data flows within the software, this task required careful analysis and evaluation, which, in turn, allowed me to make meaningful contributions to our compliance and risk management efforts. I also delved into Common Control Identifiers (CCIs) and the importance of the National Institute of Standards and Technology (NIST), which were both directly relevant to Xacta 360. CCIs ensure uniform security standards across diverse systems, while NIST, as the authority on cybersecurity standards, significantly influenced our compliance approach.
In conclusion, this stage provided me with a lot of knowledge, not only in the practical use of Xacta 360 but also in the broader context of cyber compliance, including the crucial concepts of CCIs and NIST. This experience has deepened my understanding of the field and provided me with valuable knowledge that will undoubtedly prove instrumental in my future work within the cybersecurity realm.