From: Rafael Ausejo Prieto (rafael@ausejo.net)
Date: Thu Mar 04 2004 - 17:08:14 EST
> * OSSTMM - Open Source Security Testing Methodology Manual
> * Durchfuehrungskonzept fuer Penetrationstests (BSI - Germany)
> * NIST Guideline on Network Security Testing (special publ. 800-42)
>> Can anyone point me to other standards for penetration testing?
ISACA (Information Systems Audit and Control Association)
released this month an exposure draft:
"IS AUDITING PROCEDURE PENETRATION TESTING AND VULNERABILITY ANALYSIS
DOCUMENT"
This material was issued on 1 February 2004. Exposure period closes 31 March
2004.
I suppose it's not yet publicy available (just for ISACA members review);
but it could be in the near future...
Rafael Ausejo Prieto
rafael@ausejo.net
http://www.ausejo.net/
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:49 EDT