Welcome to GTRA

About Me

Agency/Company/Association:

NIST

Department:

Computer Security Division

Title:

Senior Computer Scientist

Sector:

Public Sector

Presentations:

December 2010: Technical Foundations for Continuous Security Monitoring June 2010: Security in Public / Private / Hybrid Clouds: An Executive Panel Perspective Federal Risk and Authorization Management Program (FedRAMP)

About Me:

Peter Mell is a senior computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST). He is the NIST lead on joint agency work creating a continuous security monitoring reference model for the U.S. government. His past work includes creating the U.S. National Vulnerability Database, co-founding the NIST Security Content Automation Protocol (SCAP), and creating the SCAP product validation program. He was also the lead author of the Common Vulnerability Scoring System (CVSS) vulnerability metrics used to secure credit card systems worldwide. In cloud computing, he wrote the U.S. government definition that is now being submitted to the International Standards Organization. He also started the Federal Risk and Authorization Management Program (FedRAMP) initiative for enabling government-wide risk management of cloud computing systems. His recent research experience includes the areas of continuous monitoring, cloud computing, security metrics, security automation, and vulnerability databases.