17.2 – Security Testing Frameworks

17.2 – Security Testing Frameworks
There are several security testing frameworks being used by security inspectors for technical control assessment. The most common security testing frameworks are: Open Source Security Testing Methodology Manual (OSSTMM) Information Systems Security Assessment Framework (ISSAF) NIST 800-115 Open Web Application Security Project (OWASP) All these frameworks provide a detailed, process-oriented way in which to implement a security test, and each has its specific strengths and weaknesses. Most penetration testers, and inspectors, use these frameworks as an initial step, to develop their own testing procedures, and they find a lot of value in referencing them. Open Source Security Testing Methodology Manual (OSSTMM)…
To access this content, you must subscribe to this Consolidated Tekedia Subscription, or log in if you are a member.

Share this post