Technical Guide to Information Security Testing and Assessment by NIST, Special Publication 800-115

One of the many NIST guidelines that can help an organization assess, analyze and develop its IT security strategy is NIST's Special Publication 800-115, Technical Guide to Information Security Testing and Assessment: Recommendations of the USA National Institute of Standards and Technology.

The purpose of this document is to provide guidelines for organizations on planning and conducting technical information security testing and assessments, analyzing findings, and developing mitigation strategies.

It provides practical recommendations for designing, implementing, and maintaining technical information security testing and assessment processes and procedures, which can be used for several purposes—such as finding vulnerabilities in a system or network and verifying compliance with a policy or other requirements.

For more about how and why, please read the document.

Reference: http://csrc.nist.gov/publications/
