Remote attestation enabling posture assessment for automated GRC
Attestation performed across the full hardware and software stack can be used to provide system-level posture assessment. The capability to perform attestation throughout the stack would shift responsibilities to vendors for continuous assessment capabilities.
This shift then enables new options and capabilities for organizations to use selected profiles that meet expected security levels. A small number of highly skilled professionals are then responsible for creating these profiles, eliminating the need for experts to establish configuration at each organization. This transition, and similar architectural patterns, will help to reduce the 3.5-million-person deficit of security professionals.