Penetration Testing Methodologies
[CREST] A guide for running an effective Penetration Testing programme
Focuses on establishing and managing a penetration testing program.
Helps organizations prepare for, conduct, and follow up on penetration tests.
Coverage includes Penetration Testing Portfolio management and Testing processes, applicable in various environments including ICT and Cloud.
[OWASP] Web Security Testing Guide
Provides a comprehensive guide for testing web application security.
Aims to help organizations build and operate a modern web application testing program.
Coverage includes Penetration Testing processes and Vulnerability testing, useful for ICT and Cloud environments.
[OWASP] Firmware Security Testing Methodology
A methodology specifically for assessing the security of firmware across devices.
Focuses on stages like information gathering, firmware analysis, and binary exploitation.
Coverage includes Vulnerability testing and is applicable to IoT.
[NIST] SP 800-115 – Technical Guide to Information Security Testing and Assessment
Provides practical recommendations for conducting technical information security tests.
Organizes assessment into review techniques (documentation, log and configuration review), target identification and analysis techniques (network discovery, vulnerability scanning), and target vulnerability validation techniques such as password cracking and penetration testing, with guidance on planning the assessment and handling its results.
Applicable across multiple environments, particularly ICT and Cloud.
Penetration Testing Execution Standard (PTES)
Aims to standardize penetration testing methodologies and ensure thoroughness.
Its seven main sections are pre-engagement interactions, intelligence gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting.
[ISECOM] Open-Source Security Testing Methodology Manual (OSSTMM)
A comprehensive approach for conducting security tests across various domains.
Emphasizes a scientific approach and quantifying risks and vulnerabilities.
Penetration Testing the Internet of Things (PETIoT)
A framework specifically for vulnerability assessment and penetration testing of IoT devices.
Emphasizes practical, hands-on guidance and pairs each finding with actionable countermeasures.
Google Cloud Penetration Testing Guide
Provides best practices for conducting penetration tests on Google Cloud Platform (GCP) environments.
Aims to help organizations identify and address potential security weaknesses in their cloud deployments.
This section illustrates the diverse range of methodologies available to guide penetration testing efforts, addressing different environments and types of systems. Each methodology has its specific focus and applicability to enhance security assessments.
Penetration testing frameworks
Framework Purpose
Frameworks consist of guidelines, best practices, and tools designed to help organizations systematically address security challenges and evaluate vulnerabilities.
CPS Security
There are no fully established standalone frameworks specifically for Cyber-Physical Systems (CPS); instead, most cybersecurity methodologies include aspects of CPS security as part of their broader scope. This is particularly relevant in industries like manufacturing, utilities, and critical infrastructure.
MITRE ATT&CK Framework
MITRE ATT&CK Enterprise Matrix: This knowledge base categorizes adversary behaviour based on real-world observations, focusing on how adversaries interact with systems during an operation. It is organized into tactics (the adversary's goal, such as initial access or lateral movement), techniques and sub-techniques (how that goal is achieved), and procedures (specific observed implementations by particular groups or tools).
MITRE ATT&CK Cloud Matrix: A platform-specific view within the Enterprise knowledge base that covers the tactics, techniques, and procedures (TTPs) adversaries use against cloud services (IaaS, SaaS, and cloud identity providers), addressing security challenges unique to cloud environments such as abuse of credentials and management APIs.
MITRE ATT&CK for ICS: This specialized framework is designed to understand and counter tactics employed against Industrial Control Systems (ICS).
OWASP Frameworks
OWASP IoT Security Testing Guide: This guide offers methodologies for evaluating the security of IoT devices.
OWASP Mobile Application Security Testing Guide: This framework provides comprehensive guidance on mobile app security testing.
OWASP Top Ten: A standard awareness document for developers regarding the most critical security risks to web applications, revised every few years (editions in 2013, 2017, and 2021).
OWASP API Security Top 10: Addresses the most common security risks in web and cloud-hosted APIs, such as broken object-level authorization and broken authentication.
OWASP Cloud-Native Application Security Top 10: This guide focuses on security risks specific to cloud-native applications.
OWASP OT Top 10: A new initiative aimed at raising awareness about security risks specific to Operational Technology (OT).
Social-Engineer Framework
Developed by Social-Engineer, LLC, this framework focuses on the human aspect of security, providing insights into social engineering attacks.
Evaluation of Methodologies
The evaluation of these methodologies is based on criteria such as maturity, completeness, guidance, and overall effectiveness in addressing security challenges.
This page was created using insights from the report CYSSDE D2.1 Methodologies Pentesting
To read the full report, please use the link below.