Security testing methodology 2.0

Pete Herzog writes: “The Open Source Security Testing Methodology Manual 2.0 has been posted for peer-review at OSSTMM.ORG.

Covered in the 2.0 manual are the following areas:
–Internet Security

–Information Security
–Physical Security
–Communications Security
–Wireless Security
–Social Engineering

This manual is a detailed methodology for standardizing the process of security testing so as to ensure a complete and thorough job. This is a nearly complete re-write of 1.5 from the ground up to assure clarity and practicality. Included are the Risk Assessment Values which provide values and a method for calculating and maintaining specific levels of risk from security breaches and other forms of organizational penetration methods besides Information and IT insecurities. This verson also includes many template samples including the information that must appear in a report to bear the Certified OSSTMM Compliance seal.

I do hope everyone involved in the security field from IT professionals to auditors and soldiers to watchdog groups gets involved in the peer-review process to develop this standard.

“

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR