17.2 – Security Testing Frameworks

There are several security testing frameworks being used by security inspectors for technical control assessment. The most common security testing frameworks are: Open Source Security Testing Methodology Manual (OSSTMM) Information Systems Security Assessment Framework (ISSAF) NIST 800-115 Open Web Application Security…