Event Management Automation Protocol (EMAP)
The Event Management Automation Protocol (EMAP) is a suite of interoperable specifications designed to standardize the communication of event management data. EMAP is an emerging protocol within the NIST Security Automation Program, and is a peer to similar automation protocols such as the Security Content Automation Protocol (SCAP). Where SCAP standardizes the data models of configuration and vulnerability management domains, EMAP will focus on standardizing the data models relating to event and audit management. At a high-level, the goal of EMAP is to enable standardized content, representation, exchange, correlation, searching, storing, prioritization, and auditing of event records within an organizational IT environment.
Community involvement is critical to the success of the EMAP initiative, because input from the security automation community will ensure the broadest possible range of use cases is reflected in EMAP functionality. This Web site is provided to support continued community involvement. This site will be updated regularly and will serve as the primary resource for finding EMAP related materials. You are invited to participate, whether monitoring community dialog or leading more substantive activities like specification authorship.
- 07/21/2011 - The EMAP team needs your low-level use cases
- Subscribe via RSS
- 08/31/2011 - Presentations from the first EMAP Developer Days
- 06/06/2011 - Draft EMAP Use Cases and Requirements (PDF)
- Mailing Lists: