diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index 0b5b10b..0000000 Binary files a/.DS_Store and /dev/null differ diff --git a/CNAME b/CNAME index 5a16f74..9ad4dc8 100644 --- a/CNAME +++ b/CNAME @@ -1 +1 @@ -atoasap.org \ No newline at end of file +openato.org diff --git a/_config.yml b/_config.yml index 15b3934..a40a908 100644 --- a/_config.yml +++ b/_config.yml @@ -1,4 +1,4 @@ -title: ATO ASAP +title: OpenATO description: # baseurl: /compliance-as-code # the subpath of your site, e.g. /blog # url: https://govthinktank.github.io/compliance-as-code/ # the base hostname & protocol for your site, e.g. http://example.com @@ -6,10 +6,10 @@ description: # GitHub information # This is used for adding an edit this page link to the footer github_info: - organization: ato-asap + organization: openato repository: website -url: "https://ato-asap.github.io" # the base hostname & protocol for your site +url: "https://openato.github.io" # the base hostname & protocol for your site plugins: - jekyll-sitemap - jekyll-redirect-from diff --git a/_data/.DS_Store b/_data/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/_data/.DS_Store and /dev/null differ diff --git a/_data/footer.yml b/_data/footer.yml index e7f4f11..3f033ad 100644 --- a/_data/footer.yml +++ b/_data/footer.yml @@ -32,7 +32,7 @@ links: footer big_footer_signup_form: false # Configuration for footer heading. (optional) -heading: ATO ASAP +heading: OpenATO # Configuration for agency logo(s) (shown side by side). # If the logo is external add external: true @@ -47,7 +47,7 @@ contact: # Comment out links you don't want to use (RSS is an example) social_links: - text: GitHub - href: https://github.com/ato-asap + href: https://github.com/OpenATO external: true type: github # - text: Facebook diff --git a/_data/header.yml b/_data/header.yml index 64077b3..0673bf0 100644 --- a/_data/header.yml +++ b/_data/header.yml @@ -22,8 +22,11 @@ type: extended-mega # If the logo is external add external: true # logo: # src: /assets/img/logos/logo.png -# alt: ATO ASAP +# alt: OpenATO # external: #true +logo: + src: /assets/img/logos/OpenATO.png + alt: OpenATO # this is a key into _data/navigation.yml primary: diff --git a/_guide/.DS_Store b/_guide/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/_guide/.DS_Store and /dev/null differ diff --git a/_guide/introduction.md b/_guide/introduction.md index 0f9eb71..896bf07 100644 --- a/_guide/introduction.md +++ b/_guide/introduction.md @@ -9,6 +9,6 @@ categories: --- -Welcome to the ATO ASAP Guide. +Welcome to the OpenATO Guide. -Our goal with this guide is to make it easy for everyone in government (public and private sector) to understand the authory to operate (ATO) process and how they can better address security as it pertains to their specific role. \ No newline at end of file +Our goal with this guide is to make it easy for everyone in government (public and private sector) to understand the authory to operate (ATO) process and how they can better address security as it pertains to their specific role. diff --git a/_includes/.DS_Store b/_includes/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/_includes/.DS_Store and /dev/null differ diff --git a/_layouts/.DS_Store b/_layouts/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/_layouts/.DS_Store and /dev/null differ diff --git a/_layouts/guide.html b/_layouts/guide.html index 64a3e20..6a79610 100644 --- a/_layouts/guide.html +++ b/_layouts/guide.html @@ -10,7 +10,7 @@
  1. - ATO ASAP Guide + OpenATO Guide
  2. @@ -36,4 +36,4 @@

    {{ page.title }}

    - \ No newline at end of file + diff --git a/_people/.DS_Store b/_people/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/_people/.DS_Store and /dev/null differ diff --git a/_people/fen-labalme.md b/_people/fen-labalme.md index 6ac110f..e8fe334 100644 --- a/_people/fen-labalme.md +++ b/_people/fen-labalme.md @@ -7,13 +7,12 @@ image: fen-labalme.jpg categories: - Security and compliance linkedin: https://www.linkedin.com/in/fenlabalme/ -twitter: https://twitter.com/openprivacy github: https://github.com/openprivacy -gitlab: +gitlab: https://gitlab.com/openprivacy drupal: speakerdeck: website: --- -Fen leads security and compliance for [CivicActions](https://civicactions.com). \ No newline at end of file +Fen leads security and compliance for [CivicActions](https://civicactions.com). diff --git a/_people/luke-fretwell.md b/_people/luke-fretwell.md deleted file mode 100644 index 82b994c..0000000 --- a/_people/luke-fretwell.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -type: team -published: 1 -author: luke-fretwell -name: Luke Fretwell -image: luke-fretwell.png -categories: - - -linkedin: https://www.linkedin.com/in/lukefretwell/ -twitter: https://twitter.com/lukefretwell -github: https://github.com/lukefretwell -gitlab: -drupal: -speakerdeck: -website: - ---- - -Luke Fretwell is a team member of ATO ASAP. \ No newline at end of file diff --git a/_people/marlena-medford.md b/_people/marlena-medford.md deleted file mode 100644 index 2c67c67..0000000 --- a/_people/marlena-medford.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -type: team -published: 1 -author: marlena-medford -name: Marlena Medford -image: marlena-medford.jpg -categories: - - Artificial intelligence -linkedin: https://www.linkedin.com/in/marlena-medford/ -twitter: https://twitter.com/marlenamedford -github: -gitlab: -drupal: -speakerdeck: -website: - ---- - -Marlena Medford is a team member of ATO ASAP. \ No newline at end of file diff --git a/_posts/.DS_Store b/_posts/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/_posts/.DS_Store and /dev/null differ diff --git a/_posts/2021-02-19-hello-world.md b/_posts/2021-02-19-hello-world.md index e539f53..075a669 100644 --- a/_posts/2021-02-19-hello-world.md +++ b/_posts/2021-02-19-hello-world.md @@ -2,16 +2,16 @@ layout: post title: "Hello world" date: 2021-02-19 08:00:00 -0800 -description: Welcome to ATO ASAP. +description: Welcome to OpenATO. author: fen-labalme categories: image: card-power.png --- -Stay tuned. We're just getting started. +Stay tuned. We're just getting started. In the meantime, take a look around: * [We're open.](/open) * [Join us](/join) -* [News](/news) \ No newline at end of file +* [News](/news) diff --git a/_posts/2021-02-29-fcw-ato-asap-lets-finally-fix-the-security compliance problem.md b/_posts/2021-02-29-fcw-ato-asap-lets-finally-fix-the-security compliance problem.md index c6e9a35..f50cb70 100644 --- a/_posts/2021-02-29-fcw-ato-asap-lets-finally-fix-the-security compliance problem.md +++ b/_posts/2021-02-29-fcw-ato-asap-lets-finally-fix-the-security compliance problem.md @@ -14,4 +14,4 @@ From the post: > If we collaborate and take deliberate steps to integrate automation, we can unlock the bureaucratic inertia that has stalled compliance modernization and fix the ATO problem once and for all. -Full post: [ATO ASAP: Let’s finally fix the security compliance problem](https://fcw.com/articles/2021/02/04/comment-lazzeri-automate-ato.aspx) \ No newline at end of file +Full post: [ATO ASAP: Let’s finally fix the security compliance problem](https://www.nextgov.com/modernization/2021/02/ato-asap-lets-finally-fix-the-security-compliance-problem/258357/) diff --git a/_posts/2021-03-22-fcw-streamlining-government-security-with-a-federal-compliance-library.md b/_posts/2021-03-22-fcw-streamlining-government-security-with-a-federal-compliance-library.md index 2b9b384..c67464d 100644 --- a/_posts/2021-03-22-fcw-streamlining-government-security-with-a-federal-compliance-library.md +++ b/_posts/2021-03-22-fcw-streamlining-government-security-with-a-federal-compliance-library.md @@ -16,4 +16,4 @@ From the post: > By building a Federal Compliance Library based on open, iterative, collaborative principles, the federal government technology community will go further, faster. -Full post: [ATO ASAP: Streamlining government security with a Federal Compliance Library](https://fcw.com/articles/2021/03/22/comment-lazzeri-ato-asap.aspx) \ No newline at end of file +Full post: [ATO ASAP: Streamlining government security with a Federal Compliance Library](https://fcw.com/articles/2021/03/22/comment-lazzeri-ato-asap.aspx) diff --git a/_posts/2024-03-11-cybersecurity-notes.md b/_posts/2024-03-11-cybersecurity-notes.md new file mode 100644 index 0000000..27a618e --- /dev/null +++ b/_posts/2024-03-11-cybersecurity-notes.md @@ -0,0 +1,17 @@ +--- +layout: post +title: "Cybersecurity: Open and Transparent" +date: 2024-03-11 08:00:00 -0800 +description: Data Centricity is key. +author: fen-labalme +categories: featured +image: card-power.png +--- + +Obtaining an ATO is required for every internet-based system in the federal government. The documentation for an ATO is called a system security plan or SSP. Creating the SSP can take months, and very few SSPs are clear, complete or well written. In particular, details about how, say, access control or audit logs are managed may be broadly covered with few specifics regarding the system at hand. Further complicating the process, is a shroud of secrecy that forces every ISSO building a SSP has to reinvent the wheel for every technology component that their system is using. + +After inspecting hundreds of SSPs, we have found that the information contained within rarely requires secrecy to maintain the security of the system. And when such sensitive information exists it is usually misplaced and should not be in the SSP to begin with. To be clear, the results of assessing an SSP, that may include a list of discovered vulnerabilities, can reasonably be considered sensitive and maintained in a secure fashion. But there's a little reason for the SSP itself to remain secret, or even for the secure management of the general component-level assessment processes. (Tailored, specific assessment processes aimed at a particular implementation and environment may be crafted to exercise specific features of a system, and therefore may have a need to remain secret. But this is the exception and not the rule.) + +The threat landscape is evolving along with Moore's Law at an exponential rate. Humans do not evolve so quickly. And there is an increasing need to be proactive in the expanding open source software world. SBOM can show you CVEs that exist, but you need to know, your developers need to know what the risks are and what needs to be protected and what the business case is. Where open source development appears to be getting more opaque, we believe this is the perfect time to introduce open source assessment and open source ATOs. + +Creating an SSP in an open and transparent manner can help to improve communication and collaboration between different parts of an organization and even across orgaanizations. A library of separable, reusable components enables wide review and support to address changes in the threat landscape existing security vulnerabilities that might otherwise have been overlooked. diff --git a/_sass/uswds/.DS_Store b/_sass/uswds/.DS_Store deleted file mode 100644 index a89b55b..0000000 Binary files a/_sass/uswds/.DS_Store and /dev/null differ diff --git a/_site/404.html b/_site/404.html index bd823ce..f20b129 100644 --- a/_site/404.html +++ b/_site/404.html @@ -5,7 +5,7 @@ -Not found (404) | ATO ASAP +Not found (404) | OpenATO @@ -68,8 +68,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA @@ -224,11 +229,11 @@

    Not found (404)

    -Help improve this page +Help improve this page

    @@ -320,7 +325,7 @@

    Not found (404)

    -

    ATO ASAP

    +

    OpenATO

    @@ -332,7 +337,7 @@

    ATO ASAP

    @@ -343,7 +350,7 @@

    ATO ASAP

    @@ -369,7 +374,7 @@

    ATO ASAP

    @@ -343,7 +348,7 @@

    ATO ASAP

    -

    The ATO ASAP community is dedicated to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, or religion. We do not tolerate harassment of participants in any form.

    +

    The OpenATO community is dedicated to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, or religion. We do not tolerate harassment of participants in any form.

    -

    This code of conduct applies to all ATO ASAP sponsored spaces, including our blog, mailing lists, and wiki, as well as any other spaces that ATO ASAP hosts, both online and off. Anyone who violates this code of conduct may be sanctioned or expelled from these spaces at the discretion of the ATO ASAP Anti-Abuse Team.

    +

    This code of conduct applies to all OpenATO sponsored spaces, including our blog, mailing lists, and wiki, as well as any other spaces that OpenATO hosts, both online and off. Anyone who violates this code of conduct may be sanctioned or expelled from these spaces at the discretion of the OpenATO Anti-Abuse Team.

    -

    Some ATO ASAP-sponsored spaces may have additional rules in place, which will be made clearly available to participants. Participants are responsible for knowing and abiding by these rules. +

    Some OpenATO-sponsored spaces may have additional rules in place, which will be made clearly available to participants. Participants are responsible for knowing and abiding by these rules. Definitions

    Harassment includes:

    @@ -231,11 +236,11 @@

    Code of conduct

  3. Unwelcome sexual attention
  4. Pattern of inappropriate social contact, such as requesting/assuming inappropriate levels of intimacy with others
  5. Continued one-on-one communication after requests to cease
    6. -
  6. Deliberate “outing” of any aspect of a person’s identity without their consent except as necessary to protect other ATO ASAP members or other vulnerable people from intentional abuse
    7. +
  7. Deliberate “outing” of any aspect of a person’s identity without their consent except as necessary to protect other OpenATO members or other vulnerable people from intentional abuse
  8. Publication of non-harassing private communication
    9. -

    The ATO ASAP community prioritizes marginalized people’s safety over privileged people’s comfort. The ATO ASAP Anti-Abuse Team will not act on complaints regarding:

    +

    The OpenATO community prioritizes marginalized people’s safety over privileged people’s comfort. The OpenATO Anti-Abuse Team will not act on complaints regarding:

    + @@ -323,11 +329,11 @@

    Resources

    -Help improve this page +Help improve this page

    @@ -419,7 +425,7 @@

    Resources

    -

    ATO ASAP

    +

    OpenATO

    @@ -431,7 +437,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/guide/introduction.html b/_site/guide/introduction.html index 7b21b7c..cefbad5 100644 --- a/_site/guide/introduction.html +++ b/_site/guide/introduction.html @@ -5,7 +5,7 @@ -Introduction | ATO ASAP +Introduction | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -198,7 +203,7 @@
    1. - ATO ASAP Guide + OpenATO Guide
    2. @@ -261,7 +266,7 @@

      Introduction

      -

      Welcome to the ATO ASAP Guide.

      +

      Welcome to the OpenATO Guide.

      Our goal with this guide is to make it easy for everyone in government (public and private sector) to understand the authory to operate (ATO) process and how they can better address security as it pertains to their specific role.

      @@ -269,6 +274,7 @@

      Introduction

    + @@ -286,11 +292,11 @@

    Introduction

    -Help improve this page +Help improve this page

    @@ -382,7 +388,7 @@

    Introduction

    -

    ATO ASAP

    +

    OpenATO

    @@ -394,7 +400,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/guide/problem.html b/_site/guide/problem.html index 35b7d88..6a8d17e 100644 --- a/_site/guide/problem.html +++ b/_site/guide/problem.html @@ -5,7 +5,7 @@ -Problem | ATO ASAP +Problem | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -198,7 +203,7 @@
    1. - ATO ASAP Guide + OpenATO Guide
    2. @@ -277,6 +282,7 @@

      Problem

    + @@ -294,11 +300,11 @@

    Problem

    -Help improve this page +Help improve this page

    @@ -390,7 +396,7 @@

    Problem

    -

    ATO ASAP

    +

    OpenATO

    @@ -402,7 +408,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/guide/resources.html b/_site/guide/resources.html index 153669a..f3cc921 100644 --- a/_site/guide/resources.html +++ b/_site/guide/resources.html @@ -5,7 +5,7 @@ -Resources | ATO ASAP +Resources | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -198,7 +203,7 @@
    1. - ATO ASAP Guide + OpenATO Guide
    2. @@ -270,6 +275,7 @@

      Resources

    + @@ -287,11 +293,11 @@

    Resources

    -Help improve this page +Help improve this page

    @@ -383,7 +389,7 @@

    Resources

    -

    ATO ASAP

    +

    OpenATO

    @@ -395,7 +401,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/guide/solution.html b/_site/guide/solution.html index 27fe91f..1818fe1 100644 --- a/_site/guide/solution.html +++ b/_site/guide/solution.html @@ -5,7 +5,7 @@ -Solution | ATO ASAP +Solution | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -198,7 +203,7 @@
    1. - ATO ASAP Guide + OpenATO Guide
    2. @@ -267,6 +272,7 @@

      Solution

    + @@ -284,11 +290,11 @@

    Solution

    -Help improve this page +Help improve this page

    @@ -380,7 +386,7 @@

    Solution

    -

    ATO ASAP

    +

    OpenATO

    @@ -392,7 +398,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/guide/stakeholders.html b/_site/guide/stakeholders.html index 1ff051f..394ab90 100644 --- a/_site/guide/stakeholders.html +++ b/_site/guide/stakeholders.html @@ -5,7 +5,7 @@ -Stakeholders | ATO ASAP +Stakeholders | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -198,7 +203,7 @@
    1. - ATO ASAP Guide + OpenATO Guide
    2. @@ -282,6 +287,7 @@

      Stakeholders

    + @@ -299,11 +305,11 @@

    Stakeholders

    -Help improve this page +Help improve this page

    @@ -395,7 +401,7 @@

    Stakeholders

    -

    ATO ASAP

    +

    OpenATO

    @@ -407,7 +413,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/index.html b/_site/index.html index 3cb427f..42a45e4 100644 --- a/_site/index.html +++ b/_site/index.html @@ -5,7 +5,7 @@ -Home | ATO ASAP +Home | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -183,7 +188,7 @@

    -

    OpenATO is an open project and community to support streamlining the authority to operate process through openess, transparency, collaboration and automation.

    +

    Increasing security and decreasing toil by opening the Authority to Operate process.

    @@ -249,7 +254,7 @@

    Playbook

    Project board

    Project board

    -

    What we’re working on.

    +

    What we’re working on.

    @@ -260,7 +265,7 @@

    Project board

    Contribute

    Contribute

    -

    Everyone is welcome. Learn how you can contribute to ATO ASAP.

    +

    Everyone is welcome. Learn how you can contribute to OpenATO.

    @@ -300,42 +305,6 @@

    Fen Labalme

    -
  9. -
    -
    -
    - Luke Fretwell -
    -
    -
    -

    Luke Fretwell

    -
    -
    -

    -
    -
    -
    -
    -
    10. - -
  10. -
    -
    -
    - Marlena Medford -
    -
    -
    -

    Marlena Medford

    -
    -
    -

    -
    -
    -
    -
    -
    11. -
  11. @@ -361,6 +330,10 @@

    Mary Lazzeri

    News

    +

    Cybersecurity: Open and Transparent

    +

    Data Centricity is key.

    +

    March 11, 2024

    +

    FCW: Streamlining government security with a Federal Compliance Library

    FCW published a guest editorial we wrote on building a Federal Compliance Library to help streamline the authority to operate process.

    March 22, 2021

    @@ -382,7 +355,7 @@

    Day One Project: Compliance as Code and Imp

    Get started

    -

    Learn and contribute to ATO ASAP.

    +

    Learn and contribute to OpenATO.

    Join us

    @@ -404,11 +377,11 @@

    Get started

    -Help improve this page +Help improve this page

    @@ -500,7 +473,7 @@

    Get started

    -

    ATO ASAP

    +

    OpenATO

    @@ -512,7 +485,7 @@

    ATO ASAP

    @@ -338,7 +343,7 @@

    ATO ASAP

    @@ -336,7 +341,7 @@

    ATO ASAP

    @@ -247,11 +257,11 @@

    Day One Project: Compliance as Code and Imp -Help improve this page +Help improve this page

    @@ -343,7 +353,7 @@

    Day One Project: Compliance as Code and Imp
    -

    ATO ASAP

    +

    OpenATO

    @@ -355,7 +365,7 @@

    ATO ASAP

     @@ -344,7 +351,7 @@

    ATO ASAP

    12. -
  12. -
    -
    -
    - Luke Fretwell -
    -
    -
    -

    Luke Fretwell

    -
    -
    -

    -
    -
    -
    -
    -
    13. - -
  13. -
    -
    -
    - Marlena Medford -
    -
    -
    -

    Marlena Medford

    -
    -
    -

    -
    -
    -
    -
    -
    14. -
  14. @@ -290,6 +259,7 @@

    Mary Lazzeri

    + @@ -307,11 +277,11 @@

    Mary LazzeriHelp improve this page +Help improve this page

    @@ -403,7 +373,7 @@

    Mary Lazzeri -

    ATO ASAP

    +

    OpenATO

    @@ -415,7 +385,7 @@

    ATO ASAP

  15. LinkedIn
    16. -
  16. Twitter
    17. +
  17. GitLab
    18. @@ -224,6 +229,8 @@

    Connect

    Posts

    @@ -251,11 +258,11 @@

    Posts

    -Help improve this page +Help improve this page

    @@ -347,7 +354,7 @@

    Posts

    -

    ATO ASAP

    +

    OpenATO

    @@ -359,7 +366,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/people/marlena-medford.html b/_site/people/marlena-medford.html deleted file mode 100644 index 375406d..0000000 --- a/_site/people/marlena-medford.html +++ /dev/null @@ -1,408 +0,0 @@ - - - - - - - -Marlena Medford | ATO ASAP - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to main content - - - - - - -
    - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    -
    -
    -
    -
    -

    Marlena Medford

    -
    -
    - photo of Marlena Medford -
    -
    -

    About

    -

    Marlena Medford is a team member of ATO ASAP.

    - -

    Connect

    - - - - - -
    -
    -
    -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/_site/people/mary-lazzeri.html b/_site/people/mary-lazzeri.html index bb763d4..0791067 100644 --- a/_site/people/mary-lazzeri.html +++ b/_site/people/mary-lazzeri.html @@ -5,7 +5,7 @@ -Mary Lazzeri | ATO ASAP +Mary Lazzeri | OpenATO @@ -68,8 +68,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -253,11 +258,11 @@

    Posts

    -Help improve this page +Help improve this page

    @@ -349,7 +354,7 @@

    Posts

    -

    ATO ASAP

    +

    OpenATO

    @@ -361,7 +366,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/playbook.html b/_site/playbook.html index e9174c3..efa9683 100644 --- a/_site/playbook.html +++ b/_site/playbook.html @@ -5,7 +5,7 @@ -ATO ASAP Playbook | ATO ASAP +OpenATO Playbook | OpenATO @@ -68,8 +68,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -177,7 +182,7 @@

    - ATO ASAP Playbook + OpenATO Playbook

    @@ -227,11 +232,11 @@

    -Help improve this page +Help improve this page

    @@ -323,7 +328,7 @@

    -

    ATO ASAP

    +

    OpenATO

    @@ -335,7 +340,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/people/luke-fretwell.html b/_site/posts/cybersecurity-notes.html similarity index 65% rename from _site/people/luke-fretwell.html rename to _site/posts/cybersecurity-notes.html index c0edffa..c4d53e9 100644 --- a/_site/people/luke-fretwell.html +++ b/_site/posts/cybersecurity-notes.html @@ -5,10 +5,12 @@ -Luke Fretwell | ATO ASAP +Cybersecurity: Open and Transparent | OpenATO + + + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -188,46 +195,63 @@ -
    -
    +
    -
    -
    -

    Luke Fretwell

    -
    -
    - photo of Luke Fretwell -
    -
    -

    About

    -

    Luke Fretwell is a team member of ATO ASAP.

    - -

    Connect

    - - - - - -
    +
    +
    + +

    Cybersecurity: Open and Transparent

    + +
    +
    +
    +
    + + + + + +
    +

    Fen Labalme

    +

    By Fen Labalme

    +

    March 11, 2024

    -
    + + +
    +
    +
    +
    +
    +

    Obtaining an ATO is required for every internet-based system in the federal government. The documentation for an ATO is called a system security plan or SSP. Creating the SSP can take months, and very few SSPs are clear, complete or well written. In particular, details about how, say, access control or audit logs are managed may be broadly covered with few specifics regarding the system at hand. Further complicating the process, is a shroud of secrecy that forces every ISSO building a SSP has to reinvent the wheel for every technology component that their system is using.

    + +

    After inspecting hundreds of SSPs, we have found that the information contained within rarely requires secrecy to maintain the security of the system. And when such sensitive information exists it is usually misplaced and should not be in the SSP to begin with. To be clear, the results of assessing an SSP, that may include a list of discovered vulnerabilities, can reasonably be considered sensitive and maintained in a secure fashion. But there’s a little reason for the SSP itself to remain secret, or even for the secure management of the general component-level assessment processes. (Tailored, specific assessment processes aimed at a particular implementation and environment may be crafted to exercise specific features of a system, and therefore may have a need to remain secret. But this is the exception and not the rule.)

    + +

    The threat landscape is evolving along with Moore’s Law at an exponential rate. Humans do not evolve so quickly. And there is an increasing need to be proactive in the expanding open source software world. SBOM can show you CVEs that exist, but you need to know, your developers need to know what the risks are and what needs to be protected and what the business case is. Where open source development appears to be getting more opaque, we believe this is the perfect time to introduce open source assessment and open source ATOs.

    + +

    Creating an SSP in an open and transparent manner can help to improve communication and collaboration between different parts of an organization and even across orgaanizations. A library of separable, reusable components enables wide review and support to address changes in the threat landscape existing security vulnerabilities that might otherwise have been overlooked.

    + +
    + + + + + + +
    +

    + Fen leads security and compliance for [CivicActions](https://civicactions.com). + +

    +
    + + + +
    -
    + @@ -244,11 +268,11 @@

    Connect

    -Help improve this page +Help improve this page

    @@ -340,7 +364,7 @@

    Connect

    -

    ATO ASAP

    +

    OpenATO

    @@ -352,7 +376,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/posts/day-one-project.html b/_site/posts/day-one-project.html index d6cef8c..0b07059 100644 --- a/_site/posts/day-one-project.html +++ b/_site/posts/day-one-project.html @@ -5,7 +5,7 @@ -Day One Project: Compliance as Code and Improving the ATO Process | ATO ASAP +Day One Project: Compliance as Code and Improving the ATO Process | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -258,11 +263,11 @@

    Day One Project: Compliance as Code and Improving t -Help improve this page +Help improve this page

    @@ -354,7 +359,7 @@

    Day One Project: Compliance as Code and Improving t
    -

    ATO ASAP

    +

    OpenATO

    @@ -366,7 +371,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/posts/fcw-ato-asap-lets-finally-fix-the-security-compliance-problem.html b/_site/posts/fcw-ato-asap-lets-finally-fix-the-security-compliance-problem.html index 27348fc..b362a94 100644 --- a/_site/posts/fcw-ato-asap-lets-finally-fix-the-security-compliance-problem.html +++ b/_site/posts/fcw-ato-asap-lets-finally-fix-the-security-compliance-problem.html @@ -5,7 +5,7 @@ -FCW: ATO ASAP: Let’s finally fix the security compliance problem | ATO ASAP +FCW: ATO ASAP: Let’s finally fix the security compliance problem | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -226,7 +231,7 @@

    FCW: ATO ASAP: Let’s finally fix the security com

    If we collaborate and take deliberate steps to integrate automation, we can unlock the bureaucratic inertia that has stalled compliance modernization and fix the ATO problem once and for all.

    -

    Full post: ATO ASAP: Let’s finally fix the security compliance problem

    +

    Full post: ATO ASAP: Let’s finally fix the security compliance problem

    @@ -264,11 +269,11 @@

    FCW: ATO ASAP: Let’s finally fix the security com -Help improve this page +Help improve this page

    @@ -360,7 +365,7 @@

    FCW: ATO ASAP: Let’s finally fix the security com
    -

    ATO ASAP

    +

    OpenATO

    @@ -372,7 +377,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/posts/fcw-streamlining-government-security-with-a-federal-compliance-library.html b/_site/posts/fcw-streamlining-government-security-with-a-federal-compliance-library.html index d98b061..de8d36b 100644 --- a/_site/posts/fcw-streamlining-government-security-with-a-federal-compliance-library.html +++ b/_site/posts/fcw-streamlining-government-security-with-a-federal-compliance-library.html @@ -5,7 +5,7 @@ -FCW: Streamlining government security with a Federal Compliance Library | ATO ASAP +FCW: Streamlining government security with a Federal Compliance Library | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -268,11 +273,11 @@

    FCW: Streamlining government security with a Federa -Help improve this page +Help improve this page

    @@ -364,7 +369,7 @@

    FCW: Streamlining government security with a Federa
    -

    ATO ASAP

    +

    OpenATO

    @@ -376,7 +381,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/posts/government-matters-rethinking-the-process-of-attaining-atos.html b/_site/posts/government-matters-rethinking-the-process-of-attaining-atos.html index 43e3893..2f2cd6b 100644 --- a/_site/posts/government-matters-rethinking-the-process-of-attaining-atos.html +++ b/_site/posts/government-matters-rethinking-the-process-of-attaining-atos.html @@ -5,7 +5,7 @@ -Government Matters: Rethinking the process of attaining ATOs | ATO ASAP +Government Matters: Rethinking the process of attaining ATOs | OpenATO @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -258,11 +263,11 @@

    Government Matters: Rethinking the process of attai -Help improve this page +Help improve this page

    @@ -354,7 +359,7 @@

    Government Matters: Rethinking the process of attai
    -

    ATO ASAP

    +

    OpenATO

    @@ -366,7 +371,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/posts/hello-world.html b/_site/posts/hello-world.html index c7fb19c..c0dd858 100644 --- a/_site/posts/hello-world.html +++ b/_site/posts/hello-world.html @@ -5,11 +5,11 @@ -Hello world | ATO ASAP +Hello world | OpenATO - + @@ -70,8 +70,13 @@ href="/" title="Home"> + OpenATO + - ATO ASAP ALPHA + OpenATO ALPHA
    @@ -238,6 +243,7 @@

    Hello world

    Fen leads security and compliance for [CivicActions](https://civicactions.com). +

    @@ -264,11 +270,11 @@

    Hello world

    -Help improve this page +Help improve this page

    @@ -360,7 +366,7 @@

    Hello world

    -

    ATO ASAP

    +

    OpenATO

    @@ -372,7 +378,7 @@

    ATO ASAP

    - + GitHub diff --git a/_site/sitemap.xml b/_site/sitemap.xml index 5c810f6..7ff3e0c 100644 --- a/_site/sitemap.xml +++ b/_site/sitemap.xml @@ -2,115 +2,111 @@ http://localhost:4000/guide/introduction -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/guide/problem -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/guide/resources -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/guide/solution -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/guide/stakeholders -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/people/fen-labalme -2024-03-03T13:08:34-05:00 - - -http://localhost:4000/people/luke-fretwell -2024-03-03T13:08:34-05:00 - - -http://localhost:4000/people/marlena-medford -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/people/mary-lazzeri -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/posts/day-one-project -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/posts/hello-world -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/posts/fcw-ato-asap-lets-finally-fix-the-security-compliance-problem -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/posts/government-matters-rethinking-the-process-of-attaining-atos -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/posts/fcw-streamlining-government-security-with-a-federal-compliance-library -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 + + +http://localhost:4000/posts/cybersecurity-notes +2024-03-19T14:44:06-04:00 http://localhost:4000/about -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/accessibility -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/colophon -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/conduct -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/contact -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/federal-compliance-library -2024-03-03T13:08:34-05:00 +2024-03-08T17:31:34-05:00 http://localhost:4000/guide -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/ -2024-03-08T16:42:51-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/news/ -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/join -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/license -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/open -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/people -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/playbook -2024-03-03T13:08:34-05:00 +2024-03-19T14:44:06-04:00 http://localhost:4000/assets/img/icons/18F_feather/18F-Feather-Icons--all.pdf diff --git a/assets/.DS_Store b/assets/.DS_Store deleted file mode 100644 index 5c4fe2d..0000000 Binary files a/assets/.DS_Store and /dev/null differ diff --git a/assets/img/.DS_Store b/assets/img/.DS_Store deleted file mode 100644 index c1dfa8a..0000000 Binary files a/assets/img/.DS_Store and /dev/null differ diff --git a/assets/img/cards/.DS_Store b/assets/img/cards/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/assets/img/cards/.DS_Store and /dev/null differ diff --git a/assets/img/circles/.DS_Store b/assets/img/circles/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/assets/img/circles/.DS_Store and /dev/null differ diff --git a/assets/img/icons/18F_feather/all/.DS_Store b/assets/img/icons/18F_feather/all/.DS_Store deleted file mode 100644 index 5514e78..0000000 Binary files a/assets/img/icons/18F_feather/all/.DS_Store and /dev/null differ diff --git a/assets/img/logos/.DS_Store b/assets/img/logos/.DS_Store deleted file mode 100644 index f123561..0000000 Binary files a/assets/img/logos/.DS_Store and /dev/null differ diff --git a/assets/img/logos/OpenATO.png b/assets/img/logos/OpenATO.png new file mode 100644 index 0000000..d382b3e Binary files /dev/null and b/assets/img/logos/OpenATO.png differ diff --git a/assets/img/people/.DS_Store b/assets/img/people/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/assets/img/people/.DS_Store and /dev/null differ diff --git a/assets/uswds/.DS_Store b/assets/uswds/.DS_Store deleted file mode 100644 index 0a4addc..0000000 Binary files a/assets/uswds/.DS_Store and /dev/null differ diff --git a/assets/uswds/img/favicons/.DS_Store b/assets/uswds/img/favicons/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/assets/uswds/img/favicons/.DS_Store and /dev/null differ diff --git a/assets/uswds/img/social-icons/.DS_Store b/assets/uswds/img/social-icons/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/assets/uswds/img/social-icons/.DS_Store and /dev/null differ diff --git a/news/index.html b/news/index.html index fd29639..54c1ccc 100644 --- a/news/index.html +++ b/news/index.html @@ -1,10 +1,10 @@ --- title: News layout: page -description: Latest ATO ASAP news. +description: Latest OpenATO news. --- {% for post in site.posts %}

    {{ post.title }}

    {{ post.description }}

    {{ post.date | date: "%B %-d, %Y" }}

    -{% endfor %} \ No newline at end of file +{% endfor %} diff --git a/pages/#about.md# b/pages/#about.md# new file mode 100644 index 0000000..d5b3177 --- /dev/null +++ b/pages/#about.md# @@ -0,0 +1,14 @@ +--- +layout: page +title: About +description: What OpenATO is and how we work. +permalink: /about +--- + +OpenATO is an [open project and community](open). + +With Compliance as Code as a base, a library of reusble and locally configurable component definitions can be created. These are best shared as Open Source so that experts across multiple domains can review and enhance as vulnerabilities are discovered and mitigated and the threat landscape changes. + +## Our work +* [Project board](https://github.com/openato/website/projects/1) +* [Join us](join diff --git a/pages/.#about.md b/pages/.#about.md new file mode 120000 index 0000000..c241bd6 --- /dev/null +++ b/pages/.#about.md @@ -0,0 +1 @@ +fen@truckinX1.18125:1710461484 \ No newline at end of file diff --git a/pages/.DS_Store b/pages/.DS_Store deleted file mode 100644 index 5008ddf..0000000 Binary files a/pages/.DS_Store and /dev/null differ diff --git a/pages/about.md b/pages/about.md index ec9a95b..c98864d 100644 --- a/pages/about.md +++ b/pages/about.md @@ -1,13 +1,15 @@ --- layout: page title: About -description: What ATO ASAP is and how we work. +description: What OpenATO is and how we work. permalink: /about --- -ATO ASAP is an [open project and community](open). +OpenATO is an [open project and community](open). + +With Compliance as Code as a base, a library of reusble and locally configurable component definitions can be created. These are best shared as Open Source so that experts across multiple domains can review and enhance as vulnerabilities are discovered and mitigated and the threat landscape changes. ## Our work -* [Project board](https://github.com/ato-asap/website/projects/1) +* [Project board](https://github.com/openato/website/projects/1) * [Join us](join) diff --git a/pages/accessibility.md b/pages/accessibility.md index be01039..065f83c 100644 --- a/pages/accessibility.md +++ b/pages/accessibility.md @@ -7,7 +7,7 @@ permalink: /accessibility ## Our goals -The ATO ASAP website is a work in progress, but as part of this we are attempting to follow the best practices we are documenting. +The OpenATO website is a work in progress, but as part of this we are attempting to follow the best practices we are documenting. We strive to meet the latest W3C Recommendation of the WCAG guidelines (currently [WCAG 2.1 AA](https://www.w3.org/TR/WCAG21/)). @@ -27,7 +27,7 @@ The pages on this website are primarily written in Markdown which substantially ## Known issues -* [Open website accessibility issues](https://github.com/CivicActions/ato-asap/labels/accessibility) +* [Open website accessibility issues](https://github.com/CivicActions/openato/labels/accessibility) * We can control the accessibility of the site, but not the accessibility of GitHub. GitHub is reasonably accessible, but is not currently seeking to be as accessible as this site. ## Feedback @@ -35,5 +35,5 @@ The pages on this website are primarily written in Markdown which substantially If you run into any accessibility barriers with this website, please contact us: * Email: [accessibility@civicactions.com](mailto:ato-asap@civicactions.com) -* [Submit an issue](https://github.com/CivicActions/ato-asap/issues) +* [Submit an issue](https://github.com/CivicActions/OpenATO/issues) * [Submit a pull request](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request) diff --git a/pages/conduct.md b/pages/conduct.md index ff9edb0..0cfefa6 100644 --- a/pages/conduct.md +++ b/pages/conduct.md @@ -1,17 +1,17 @@ --- title: Code of conduct -description: ATO ASAP code of conduct. +description: OpenATO code of conduct. permalink: /conduct layout: post --- -The ATO ASAP community is dedicated to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, or religion. We do not tolerate harassment of participants in any form. +The OpenATO community is dedicated to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, or religion. We do not tolerate harassment of participants in any form. -This code of conduct applies to all ATO ASAP sponsored spaces, including our blog, mailing lists, and wiki, as well as any other spaces that ATO ASAP hosts, both online and off. Anyone who violates this code of conduct may be sanctioned or expelled from these spaces at the discretion of the ATO ASAP Anti-Abuse Team. +This code of conduct applies to all OpenATO sponsored spaces, including our blog, mailing lists, and wiki, as well as any other spaces that OpenATO hosts, both online and off. Anyone who violates this code of conduct may be sanctioned or expelled from these spaces at the discretion of the OpenATO Anti-Abuse Team. -Some ATO ASAP-sponsored spaces may have additional rules in place, which will be made clearly available to participants. Participants are responsible for knowing and abiding by these rules. +Some OpenATO-sponsored spaces may have additional rules in place, which will be made clearly available to participants. Participants are responsible for knowing and abiding by these rules. Definitions Harassment includes: @@ -30,10 +30,10 @@ Harassment includes: * Unwelcome sexual attention * Pattern of inappropriate social contact, such as requesting/assuming inappropriate levels of intimacy with others * Continued one-on-one communication after requests to cease -* Deliberate “outing” of any aspect of a person’s identity without their consent except as necessary to protect other ATO ASAP members or other vulnerable people from intentional abuse +* Deliberate “outing” of any aspect of a person’s identity without their consent except as necessary to protect other OpenATO members or other vulnerable people from intentional abuse * Publication of non-harassing private communication -The ATO ASAP community prioritizes marginalized people’s safety over privileged people’s comfort. The ATO ASAP Anti-Abuse Team will not act on complaints regarding: +The OpenATO community prioritizes marginalized people’s safety over privileged people’s comfort. The OpenATO Anti-Abuse Team will not act on complaints regarding: * ‘Reverse’ -isms, including ‘reverse racism,’ ‘reverse sexism,’ and ‘cisphobia’ (because these things don’t exist) * Reasonable communication of boundaries, such as “leave me alone,” “go away,” or “I’m not discussing this with you.” @@ -43,15 +43,15 @@ The ATO ASAP community prioritizes marginalized people’s safety over privilege Reporting -If you are being harassed by a member of the ATO ASAP community, notice that someone else is being harassed, or have any other concerns, please contact the ATO ASAP Anti-Abuse Team. If the person who is harassing you is on the team, they will recuse themselves from handling your incident. We will respond as promptly as we can. +If you are being harassed by a member of the OpenATO community, notice that someone else is being harassed, or have any other concerns, please contact the OpenATO Anti-Abuse Team. If the person who is harassing you is on the team, they will recuse themselves from handling your incident. We will respond as promptly as we can. -This code of conduct applies to ATO ASAP sponsored spaces, but if you are being harassed by a member of the ATO ASAP community outside our spaces, we still want to know about it. We will take all good-faith reports of harassment by ATO ASAP community members, especially bloggers, seriously. This includes harassment outside our spaces and harassment that took place at any point in time.The abuse team reserves the right to exclude people from the ATO ASAP community based on their past behavior, including behavior outside ATO ASAP spaces and behavior towards people who are not in the ATO ASAP community. +This code of conduct applies to OpenATO sponsored spaces, but if you are being harassed by a member of the OpenATO community outside our spaces, we still want to know about it. We will take all good-faith reports of harassment by OpenATO community members, especially bloggers, seriously. This includes harassment outside our spaces and harassment that took place at any point in time.The abuse team reserves the right to exclude people from the OpenATO community based on their past behavior, including behavior outside OpenATO spaces and behavior towards people who are not in the OpenATO community. -In order to protect volunteers from abuse and burnout, we reserve the right to reject any report we believe to have been made in bad faith. The ATO ASAP Anti-Abuse Team is not here to explain power differentials or other basic social justice concepts to you. Reports intended to silence legitimate criticism may be deleted without response. +In order to protect volunteers from abuse and burnout, we reserve the right to reject any report we believe to have been made in bad faith. The OpenATO Anti-Abuse Team is not here to explain power differentials or other basic social justice concepts to you. Reports intended to silence legitimate criticism may be deleted without response. -We will respect confidentiality requests for the purpose of protecting victims of abuse. At our discretion, we may publicly name a person about whom we’ve received harassment complaints, or privately warn third parties about them, if we believe that doing so will increase the safety of ATO ASAP members or the general public. We will not name harassment victims without their affirmative consent. +We will respect confidentiality requests for the purpose of protecting victims of abuse. At our discretion, we may publicly name a person about whom we’ve received harassment complaints, or privately warn third parties about them, if we believe that doing so will increase the safety of OpenATO members or the general public. We will not name harassment victims without their affirmative consent. Consequences Participants asked to stop any harassing behavior are expected to comply immediately. -If a participant engages in harassing behavior, the ATO ASAP Anti-Abuse Team may take any action they deem appropriate, up to and including expulsion from all ATO ASAP spaces and identification of the participant as a harasser to other ATO ASAP members or the general public. \ No newline at end of file +If a participant engages in harassing behavior, the OpenATO Anti-Abuse Team may take any action they deem appropriate, up to and including expulsion from all OpenATO spaces and identification of the participant as a harasser to other OpenATO members or the general public. diff --git a/pages/contact.md b/pages/contact.md index 958e3cc..c6c378b 100644 --- a/pages/contact.md +++ b/pages/contact.md @@ -6,4 +6,4 @@ permalink: /contact --- * Email: [ato-asap@civicactions.com](mailto:ato-asap@civicactions.com) -* GitHub: [Submit an issue](https://github.com/ato-asap/wesbite/issues) +* GitHub: [Submit an issue](https://github.com/openato/website/issues) diff --git a/pages/guide.html b/pages/guide.html index 4d40a0f..f553ecc 100644 --- a/pages/guide.html +++ b/pages/guide.html @@ -1,7 +1,7 @@ --- layout: default title: ATO ASAP Guide -description: Educating everyone on how we can streamline the authority to operate process. +description: Increasing security and decreasing toil by opening the Authority to Operate process. excerpt: Educating everyone on how we can streamline the authority to operate process. permalink: /guide redirect_from: @@ -9,14 +9,14 @@ hero: image: callout: - alt: "ATO ASAP Guide" + alt: "OpenATO Guide" text: link: text: Link to more about that priority href: /link/ - content: Educating the federal government community on how we can streamline the authority to operate process. + content: Increasing security and decreasing toil by opening the Authority to Operate process. ---
    {% include guide.html %} -
    \ No newline at end of file +
    diff --git a/pages/home.md b/pages/home.md index 7d5dc50..5192c89 100644 --- a/pages/home.md +++ b/pages/home.md @@ -15,8 +15,8 @@ hero: link: text: Link to more about that priority href: /link/ - content: OpenATO is an open project and community to support streamlining the authority to operate process through openess, transparency, collaboration and automation. - + content: Increasing security and decreasing toil by opening the Authority to Operate process. + tagline: We're open. intro: | OpenATO is an open, agile project and community. We work iteratively, in public. [Learn more.](open) @@ -36,19 +36,19 @@ graphics: src: /assets/img/circles/git-pull-request.png alt: "Project board" title: Project board - description: What we're [working on](https://github.com/ato-asap/website/projects/1). + description: What we're [working on](https://github.com/OpenATO/projects/). - image: src: /assets/img/circles/circle-lightbulb.png alt: "Contribute" title: Contribute - description: Everyone is welcome. [Learn how you can contribute](join) to ATO ASAP. + description: Everyone is welcome. [Learn how you can contribute](join) to OpenATO. --- ## Get started {:.font-heading-xl.margin-y-0"} -Learn and contribute to ATO ASAP. +Learn and contribute to OpenATO. {:.usa-intro } diff --git a/pages/join.md b/pages/join.md index 1cfba87..ca669ba 100644 --- a/pages/join.md +++ b/pages/join.md @@ -1,9 +1,9 @@ --- layout: page title: Join us -description: How to get involved with ATO ASAP. +description: How to get involved with OpenATO. permalink: /join --- -* Add ideas to the [issue queue](https://github.com/ato-asap/website/issues) \ No newline at end of file +* Add ideas to the [issue queue](https://github.com/OpenATO/website/issues) diff --git a/pages/license.md b/pages/license.md index c73fef1..a59d71b 100644 --- a/pages/license.md +++ b/pages/license.md @@ -1,10 +1,10 @@ --- title: License -description: License for ATO ASAP. +description: License for OpenATO. permalink: /license layout: page --- -This work is licensed under [Creative Commons Attribution-ShareAlike 4.0 International License](https://creativecommons.org/licenses/by-sa/4.0/)). \ No newline at end of file +This work is licensed under [Creative Commons Attribution-ShareAlike 4.0 International License](https://creativecommons.org/licenses/by-sa/4.0/)). diff --git a/pages/open.md b/pages/open.md index 61c89c2..4ab49a5 100644 --- a/pages/open.md +++ b/pages/open.md @@ -7,8 +7,10 @@ permalink: /open ## We work in the open -ATO ASAP is an open, agile project and community. We work iteratively, in public. +OpenATO is a collection of projects and community to support streamlining the authority to operate process through openess, transparency, collaboration and automation. + +We work iteratively, in [public](https://www.swyx.io/learn-in-public). ## Our work -* [Project board](https://github.com/ato-asap/website/projects/1) +* [Project board](https://github.com/orgs/OpenATO/projects) diff --git a/pages/people.html b/pages/people.html index 1fba831..d790cd6 100644 --- a/pages/people.html +++ b/pages/people.html @@ -2,7 +2,7 @@ layout: default title: People permalink: /people -description: Meet the humans of ATO ASAP. +description: Meet the humans of OpenATO. excerpt: hero: image: @@ -12,7 +12,7 @@ link: text: Link to more about that priority href: /link/ - content: Meet the humans of ATO ASAP. + content: Meet the humans of OpenATO ---
    @@ -39,4 +39,4 @@

    {{ au {% endfor %}

    -
    \ No newline at end of file + diff --git a/pages/playbook.html b/pages/playbook.html index 38ddd65..edcc948 100644 --- a/pages/playbook.html +++ b/pages/playbook.html @@ -1,13 +1,13 @@ --- layout: default -title: ATO ASAP Playbook +title: OpenATO Playbook description: excerpt: permalink: /playbook hero: image: callout: - alt: "ATO ASAP Playbook" + alt: "OpenATO Playbook" text: link: text: Link to more about that priority