National Cyber Security Centre – Penetration Testing: Advice on How to Get the Most from Penetration Testing 3.12 3.12.1 3.12.3 Security Assessment
This guidance helps with understanding the proper commissioning and use of penetration tests.
SEARCH RESULTS
NIST – CUI SSP Template 3.12 3.12.4 Security Assessment
NIST SP 800-115 Technical Guide to Information Security Testing and Assessment 3.11 3.11.1 3.11.2 3.11.3 3.12 3.12.1 3.12.3 Risk Assessment Security Assessment
This NIST Special Publication is a guide to the basic technical aspects of conducting information security assessments.
NIST SP 800-18 Guide for Developing Security Plans for Federal Information Systems 3.12 3.12.4 Security Assessment
This NIST Special Publication provides guidance for federal agencies for developing system security plans for federal information systems.
Open Web Application Security Project (OWASP) – Free for Open Source Application Security Tools 3.12 3.12.1 3.12.3 csc18 Security Assessment
OWASP's mission is to help the world improve the security of its software.
Open Web Application Security Project (OWASP) – Testing Guide v4 3.12 3.12.1 3.12.3 Security Assessment
This link provides information about one methodology for web application penetration testing
Open Web Application Security Project (OWASP) – Testing Tools 3.12 3.12.1 3.12.3 csc18 Security Assessment
This link from OWASP provides a list of web security testing tools.
Open Web Application Security Project (OWASP) Top 10 3.12 3.12.1 3.12.3 Security Assessment
The OWASP Top 10 is an awareness document for web application security. It represents a broad consensus about the most critical security risks to web applications. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.
PCI Data Security Standard – Penetration Testing Guidance 3.12 3.12.1 3.12.3 Security Assessment
This guidance is intended for entities that are required to conduct a penetration test.
SANS Offensive Operations Training and Resources 3.12 3.12.1 3.12.3 Security Assessment
This is a link to avaliable SANS penetration testing courses.