This is a web application tool used to visualize the state and baseline of security of a model or cluster. It includes easy-to-understand visualization graphs and charts to assess the current passing/failing components from the NIST SP 800-53 Rev. 4/5 zero-trust framework. The application extracts information from a assessment-results.json file written in OSCAL. Examples of such a file can be found here.

More background information is listed in this document.

More about OSCAL can be found here. More about NIST can be found here.

• Visualizes Zero Trust architecture based on OSCAL data.
• Clearly indicates passing and failing OSCAL components.
• Provides extensive details for each component.
• User-friendly interface for navigating complex OSCAL data.
• ARF XML to OSCAL converter

• npm
• Go - only required if using converter

git clone https://github.com/nathanstrahs/zero-trust-visualization.git
cd zero-trust-visualization
npm install

How to start the application.

• Development Mode:
  • npm run dev

Access the application at http://localhost:[your-port].

Simply upload your assessment-results.json, and view the visualization tools.

• For the application to successfully display controls, the uploaded JSON file must conform to the outline listed here.
• For more information about the NIST controls, refer to this document.
• To see examples of uploaded assessment-results.json files, see this examples directory.

Apache 2.0

• Nathan Strahs - nathanstrahs[at]gmail[dot]com