Updates to OSCAL website (issue usnistgov#1237) (usnistgov#1277)

* Added page for the OSCAL mini workshops series
* Added 3rd annual workshop page
* Updated submodule for needed fix for usnistgov/hugo-uswds#17 with usnistgov/hugo-uswds#18.

Co-authored-by: Alexander Stein <[email protected]>

docs/content/learn/presentations/OSCAL-mini-workshop-series.md

@@ -0,0 +1,48 @@
+# OSCAL Mini Workshop Series
+
+The NIST [OSCAL](/) team is hosting a new series of mini workshops. They aim to address topics of interest for our community and to open this forum for its members to present their [OSCAL](/)-related work. Unless specifically stated, the workshops will not require a deep, technical understanding of [OSCAL](/), and the dialog is informal, allowing the community to interact with the presenters and with the [OSCAL](/) team members. 
+
+Please see below the call for proposals if you are interested in presenting your [OSCAL](/) work. To submit topics for discussion, please email us at [[email protected]]([email protected]).
+
+The [OSCAL](/) project and this workshop series are aligned with NIST’s mission of promoting U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. NIST works to maximize its impact and mission fulfillment by positioning itself to anticipate future technology trends and develop the most important measurements and standards products that are aligned with industry drivers and needs.
+
+We encourage developers of control-oriented security tools, organizations that want to use or create [OSCAL](/)-based information to automate security assessment, and those planning to move towards continuous Authorization to Operate (cATO) to attend the workshops.
+
+Who should attend:
+- Leaders in digital transformation and security automation from the government, private, and academic sectors;
+- Vendors of security automation tools who are considering implementing OSCAL formats in their tools;
+- Participants in standard development organizations focusing on developing and publishing control catalogs and baselines;
+- System owners from the government, private, and academic sectors, who want to streamline the documentation of controls used in their information systems.
+
+## Call for Proposals
+
+NIST [OSCAL](/) Mini Workshop program committee is seeking timely, topical, and thought-provoking **technical** **presentations or demonstrations** highlighting [OSCAL](/) editorial tools, OSCAL-based security assessment automation processes, and Governance Risk and Compliance (GRC) tools supporting OSCAL formats for integration into such processes. 
+
+**NIST is not endorsing any of the OSCAL tools or services presented and presentation or demos promoting such tools or services as opposed to focusing on the OSCAL-related technical aspects will not be permitted.**
+
+We encourage proposals from a diverse array of organizations and individuals with different perspectives, from the public and private sectors, international bodies, assessment and authorization (A&A), or certification and authorization (C&A) providers.
+
+Please find below the calendar of proposed dates. Before submitting a proposal, please consult the calendar and indicate the preferred date with your submission and the duration of your presentation (30 min or 60 min, including Q&A). We will do our best to update the calendar as soon as a submission is approved.
+
+Submit your proposal via email to [[email protected]]([email protected]), with the subject line: “OSCAL Workshop - [Date: yyyy/mm/dd]”, where the “Date” is the selected date from the calendar below. Please include in your submission a preassessment of the OSCAL knowledge level the audience will need using a 4-levels scale with level one (L1/bronze) being equivalent to novice and level four (L4/platinum) being an OSCAL expert. 
+
+## Workshops Calendar
+
+| Date | Time | Talk/Demo/Discussion | Presenter & Affiliation | Type | Knowledge Level | Notes |
+| ---- | ---- | ---------------------| ----------------------- | ---- | --------------- | ------ |
+| 2022/05/18 | 11:00AM-12:00PM EDT | 1.  Compliance as Code for Big Bang Risk Management Framework (RMF) Control Mapping to Accelerate Department of Defense (DoD) Authorization to Operate (ATO) | Maj Camdon Cady, Chief Operating Officer, Platform One, US Airforce | presentation |  L2 |   |
+|  |  | 2. OSCAL Catalog Authoring Tool (CAT) | Dmitry Cousin, NIST |demo |  L1 |  | 
+|  2022/06/15 |  11:00AM-12:00PM EDT  | 1. Trestle - compliance as codeorchestrator and automation workflow | Dr. Anca Sailer, IBM | presentation | L3 |  | 
+|  |  | 2. |  |  |  |  | 
+|  2022/07/13 |  11:00AM-12:00PM EDT  | 1. |  |  |  |  | 
+|  |  | 2. |  |  |  |  |
+|  2022/08/10 |  11:00AM-12:00PM EDT  | 1. |  |  |  |  | 
+|  |  | 2. |   |  |  |  |
+|  2022/09/07 |  11:00AM-12:00PM EDT  | 1. |  |  |  |  | 
+|  |  | 2. |   |  |  |  |
+|  2022/10/05 |  11:00AM-12:00PM EDT  | 1. |  |  |  |  | 
+|  |  | 2. |   |  |  |  |
+|  2022/11/02 |  11:00AM-12:00PM EDT  | 1. |  |  |  |  | 
+|  |  | 2. |   |  |  |  | 
+|  2022/11/30 |  11:00AM-12:00PM EDT  | 1. |  |  |  |  | 
+|  |  | 2. |   |  |  |  |

docs/content/learn/presentations/oscal-workshop-2022-03.md

@@ -0,0 +1,166 @@
+---
+title: 3rd OSCAL Workshop
+heading: 3rd Open Security Controls Assessment Language (OSCAL) Workshop
+toc:
+  enabled: true
+---
+
+{{% usa-tag %}}When{{% /usa-tag %}} March 1, 2022 thru March 2nd, 2022
+{{% usa-tag %}}Purpose{{% /usa-tag %}} The workshop will provide attendees an opportunity to familiarize themselves and build skills in the development and use of OSCAL. We encourage developers of control-oriented security tools, and organizations that want to use or create OSCAL-based information, to register and attend the workshop. 
+
+The following presentations are available from this workshop. Recordings are also provided where available. The [full agenda](https://www.nist.gov/system/files/documents/2022/02/28/Open%20Security%20Controls%20Assessment%20Language_AGENDA_2022.03.01_final_1.pdf) is also available. The [speakers' bios](https://www.nist.gov/system/files/documents/2022/02/28/2022_OSCAL-Speaker-Bios_final.pdf) is available for review.
+
+## March 1, 2022:
+
+**Welcome, Introduction and Administrative issues** \[no slides\] \[[video](https://cdnapisec.kaltura.com/html5/html5lib/v2.90/mwEmbedFrame.php/p/684682/uiconf_id/33598632?wid=_684682&iframeembed=true&playerId=kaltura_player_1647535799&flashvars[playlistAPI.kpl0Id]=1_52kkk74m)\]
+
+      Matthew Scholl, Chief, Computer Security Division, NIST
+
+**Visionary Keynote** \[no slides\] \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_6h8swt6e/embed/dynamic#t=09:45)\]
+
+      André Mendez, CIO, DoC
+
+**[What is OSCAL and Who Needs It?](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.2%20-%20Main%20-%20NIST_OSCAL-What_is_and_Who_needs_it.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_6h8swt6e/embed/dynamic#t=34:57)\]
+
+      Dr. Michaela Iorga, OSCAL Strategic Outreach Director, NIST
+
+      David Waltermire, OSCAL Technical Director, NIST
+
+**[FedRAMP Automation](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.3%20-%20Main%20-%20GSA_NIST%20OSCAL%20Briefing%202022.pdf)**\[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_i2t4vnpj/embed/dynamic)\]
+
+      Zach Baldwin, Program Manager for Strategy, Innovation, and Technology, FedRAMP, GSA
+
+      Gary Gapinski, Security and XML Engineer, Flexion Inc. 
+
+      Thomas Volpe Sr., CIO, VITG Inc.
+
+### Parallel Tracks
+
+Track 1: **[OSCAL from Zero to Automation Hero](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.t1%20-%20Lunch%20-%20OSCAL_Zero_Automation_Hero_UPDATED.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_qinesxcp/embed/dynamic)\]
+
+      Alexander (AJ) Stein, OSCAL team member, NIST 
+
+      Dr. Wendell Piez, OSCAL team member, NIST
+
+Track 2: **[Achieving Continuous Authorization to Operate (ATO) with OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.t2%20-%20Lunch%20-%20Achieving%20Continuous%20ATO%20with%20OSCAL.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_7hhd824e/embed/dynamic)\]
+
+      Jasson Walker, President, cFocus Software
+
+Track 3: **[DevSecComp(liance)Ops with OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.t3%20-%20Lunch%20-%20EasyDynamics_DevSecComp(liance)Ops%20with%20OSCAL%20(Submitted).pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_5i7fcyj1/embed/dynamic)\]
+
+      Ray Gauss, Director of Innovation, Easy Dynamics
+
+Track 4: **[OSCAL Tools: Open Source XSLT for OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.t4%20-%20Lunch%20-%20Piez_workshop-March2022-slides-OSCALtools.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_rksrynl7/embed/dynamic)\]
+
+      Dr. Wendell Piez, OSCAL team member, NIST
+
+Track 5: **[Leveraged Authorizations to Operate](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.t5%20-%20Lunch%20-%20Leveraged%20Authorizations%20to%20Operate.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_yz2utrks/embed/dynamic)\] 
+
+      Jasson Walker, President, cFocus Software
+
+Track 6: **[Accelerating FedRAMP, FISMA and CMMC ATO’s with OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.t6%20-%20Lunch%20-%20stackArmor%20-%20FASTTR%20on%20AWS%20-%20NIST%20OSCAL%20-%20March%202022.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_nncitwnk/embed/dynamic)\] 
+
+      Gaurav (GP) Pal, Principal/SME, StackArmorMartin Rieger, Chief Solutions Officer, StackArmor
+
+**[Bloss@m - Security Assessment Automation with OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.4%20-%20Main%20-%20BLOSSOM_Automated_DevSecOps_Slides_UPDATED.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_v1j262wj/embed/dynamic#t=01:12)\]
+
+       Alexander (AJ) Stein, OSCAL team member, NIST
+
+       Nikita Wootten, OSCAL team member, NIST
+
+**[NIST SP 800-53: Empowered by OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.5%20-%20Main%20-%20SP800-53%20Empowered%20by%20OSCAL_28Feb2022.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_v1j262wj/embed/dynamic#t=28:41)\] 
+
+      Victoria Pillitteri, Group Manager, ITL/CSD, NIST
+
+**[Automate the Transition to NIST SP 800-53 Rev. 5 with OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/1.6%20-%20Main%20-%20JWalker-Automate%20Transition%20to%20NIST.SP.500-53rev5%20w%20OSCAL.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_m6ox9om9/embed/dynamic#t=00:45)\] 
+
+      Jasson Walker, President, cFocus Software
+
+
+
+## March 2, 2022:
+
+**Opening Remarks** \[no slides\] \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_mnivm99p/embed/dynamic)\] 
+
+      Dr. Michaela Iorga, OSCAL Strategic Outreach Director, NIST
+
+**[Exchange Protocol for Third Party Tool Integrations via OSCAL (IBM)](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.1%20-%20Main%20-%20IBM_SCCExchangeProtocol-NIST.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_mnivm99p/embed/dynamic#t=05:48)\]
+
+      Anca Sailer, SME, STSM, IBM Research
+
+      Vikas Agarwal, Ph.D., Senior Researcher, SME, IBM Research 
+
+      Lou DeGenaro, Senior Engineer, IBM Research
+
+**[Initial Experiences with OSCAL and Continuous Monitoring in the EU Cybersecurity Certification Scheme for Cloud Services](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.2%20-%20Main%20-%20Bosch_MEDINA-OSCAL22_Final.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_mnivm99p/embed/dynamic#t=36:50)\]
+
+      Dr. Jesus Luna Garcia, Bosch, Germany
+
+**[AWS and Implementation of OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.3%20-%20Main%20-%20AWS%20OSCAL%20Workshop.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_c2gqy160/embed/dynamic#t=01:09)\]
+
+      Matthew Donkin, SME, AWS
+
+      Douglas Boldt, Solutions Architect, AWS
+
+**[Adopting OSCAL to Deliver the Latest NIST SP 800-53 Control Catalog to the CSAM Community](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.4%20-%20Main%20-%20DOJ%20Adopting%20OSCAL%20to%20Deliver%20Lastest%20NIST%20SP%20800-53%20Controls.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_c2gqy160/embed/dynamic#t=26:46)\]
+
+      Ramon Burks, CSS Assistant Director, DoJ/CSAM
+
+      Adam Oline, Technical Lead, CyberBalance, LLC, DoJ/CSAM
+
+### Parallel Tracks
+
+Track 1: **[OSCAL Deep Diff Tool](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.t1%20-%20Lunch%20-%20Wootten_OSCAL-deep-diff%20Workshop%20Presentation.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_et380j7o/embed/dynamic)\]
+
+       Nikita Wootten, OSCAL team member, NIST
+
+Track 2: **[Ignyte Assurance Platform OSCAL Component Aggregation Techniques](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.t2%20-%20Lunch%20-%20NIST_Ignyte_OSCALWorkshop_2022.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_gor9c800/embed/dynamic)\]
+
+      Max Aulakh, Managing Director, Ignyte Assurance Platform
+
+Track 3: **[“TURBOTAX-STYLE” Authoring of OSCAL Files](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.t3%20-%20Lunch%20-%20DRTConfidence%20-%20OSCAL%20Workshop%202022.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_lrkka12d/embed/dynamic)\] 
+
+      Valinder Mangat, CIO, DRT Strategies
+
+Track 4:  **[Entertainment]** \[no slides\] \[no video\] 
+
+Track 5: **[Continuous ATO Demonstration Using OSCAL with Automated Assessments and Risk Modeling](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.t5%20-%20Lunch%20-%20RegScale%20-%20Continuous%20ATO%20with%20OSCAL%20rev0.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_78w6unqt/embed/dynamic)\]
+
+      J. Travis Howerton, Co-Founder and CTO, RegScale
+
+Track 6: **[Getting a Head Start on Automating Your FedRAMP ATO Using OSCAL in Xacta360](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.t6%20-%20Lunch%20-%20Telos-XACTA360%20-%20OSCAL%20Workshop%202022.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_26xlaccq/embed/dynamic)\]
+
+      Jet Ryan, XACTA Solutions Architect, Telos
+
+**[Kubernetes Policy Result Standardization via OSCAL (IBM)](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.5%20-%20Main%20-%20IBM_Oscal%20Workshop%20Kubernetes%20Policy%20Working%20Group.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_1te6eie7/embed/dynamic#t=01:33)\]
+
+      Anca Sailer, SME, STSM, IBM Research
+
+      Jaya Ramanathan, Ph.D., Chief Security and Governance Architect, Red Hat
+
+      Jim Bugwadia, CEO, NirmataRobert Ficcaglia, CTO, SunStone Secure
+
+**[Leading with OSCAL: The Crystallization of OSCAL-enabled Commercial Sector Use Case ](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.6%20-%20Main%20-%20KPMG%20Presentation%20to%203rd%20OSCAL%20Workshop_updated.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_1te6eie7/embed/dynamic#t=30:12)\]
+
+      Adam Brand, Managing Director, KPMG 
+
+      Thomas Nash, Director, KPMG
+
+**[The Applicability of OSCAL for Healthcare](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.7%20-%20Main%20-%20Intraprise%20Health%20OSCAL%20Workshop%20-%20Applicability%20of%20OSCAL%20for%20Healthcare.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_1te6eie7/embed/dynamic#t=59:10)\]
+
+      Vikas Khosla, Chief Digital Health Officer, Intraprise Health
+
+**[Continuous, Automated Compliance with OSCAL](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.8%20-%20Main%20-%20Secure%20Frame%20export_v3.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_sttjob70/embed/dynamic#t=00:55)\]
+
+      Conner Phillippi, Senior Compliance Solutions Manager, Product Manager, Secureframe 
+
+      Apostolos Delis, Software Engineer, Secureframe
+
+**[OSCAL Roadmap: From Strategy to Vision ](https://csrc.nist.gov/csrc/media/Events/2022/3rd-oscal-workshop/documents/2.9%20-%20Main%20-%20Waltermire_OSCAL%20roadmap.pdf)** \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_sttjob70/embed/dynamic#t=29:10)\]
+
+      David Waltermire, OSCAL Technical Director, NIST
+
+**Closing Remarks and Adjourn \[no slides\] \[[video](https://cdnapisec.kaltura.com/index.php/extwidget/preview/partner_id/684682/uiconf_id/33598632/entry_id/1_sttjob70/embed/dynamic#t=50:02)\]
+
+      Matthew Scholl, Chief, Computer Security Division, NIST
+