The National Institute of Standards and Technology produces a series of information security standards designed to provide advice to organizations and build robust security programs. During the Pentest+ Exam, the Framework used is the NIST. The NIST 800-115 standard provides a clear way for penetration testers that is an accepted industry standard. Following this model is a good way to ensure that your penetration testing program complies with best practices.
This voluntary Framework consists of standards, guidelines, and best practices to manage cybersecurity-related risk. You can see all information regarding the best standard for security applied via https://www.nist.gov/cyberframework
Why does pentest + use NIST as the basis of its framework?
Being a certification of strong American origins and used for military and governmental environments, obviously it takes up a framework that incorporates all the benefits suitable for the purpose.
- Previous Post