Diarium blog system
Universidad de Salamanca
Pablo Gallardo's Blog
My professional web log about IT, Cybersecurity & Project Management
Tag Archives | standards

Information Security Certifications for Organizations

This post summarizes some certifications for organizations (not for individuals or professionals) related to information security or cybersecurity. Information Security Certifications for Organizations featured in this post: ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 15408, ISO 22301, SOC 2 Type 2, STAR, ENS. ISO/IEC 27001: ISO/IEC 27001 […]


Secure Development Frameworks

This post lists some secure development frameworks. List of Secure Development Frameworks: Secure Software Development Framework (SSDF), OWASP Security Knowledge Framework (OWASP-SKF), SEI CERT Coding Standards. Secure Software Development Framework (SSDF): SSDF is issued by NIST. OWASP Security Knowledge Framework (OWASP-SKF): OWASP Security Knowledge Framework (OWASP-SKF) is issued by OWASP. […]


ISO/IEC 27000-series

The ISO/IEC 27000-series is a set of standards related to information security, published by ISO and IEC. It provides recommendations on information security in the context of an Information Security Management System (ISMS). Standards included in the ISO/IEC 27000-series: As of 2022, there are 63 different standards belonging to the ISO/IEC 27000-series. All of them start […]


List of IT Risk Analysis Methodologies

This post summarizes some relevant IT risk analysis methodologies. List of IT risk analysis methodologies: NIST 800-30, ISO 27005, Magerit, Mehari, OCTAVE, Microsoft’s Security Management Guide. NIST 800-30: NIST Special Publication 800-30, abbreviated as NIST SP 800-30 or NIST 800-30, whose title is “Guide for Conducting Risk Assessment”, is issued […]


List of Penetration Testing Methodologies

This post lists some industry-standard penetration testing methodologies: OWASP Web Security Testing Guide, OSSTMM, NIST SP 800-115, FedRAMP Penetration Test Guidance, PCI DSS Information Supplement on Penetration Testing. List of industry-standard penetration testing methodologies: OWASP Web Security Testing Guide. Open Source Security Testing Methodology Manual (OSSTMM): Institute for Security and Open Methodologies (ISECOM) […]
