Tag standard

.NET Frameworks

Probably you have seen in your Windows computer a program installed that is called “.NET Framework” (or more recently “.NET Runtime”) that gets updated and seems a requirement for some apps but you ignore its purpose. This post explains what…

Data Centers

A data processing center (DPC) or data center is a building, a dedicated space within a building, or a group of buildings used to house computer systems and associated components, such as telecommunications and storage systems. Data Center Certifications ANSI…

Secure Development Frameworks

This post lists some secure development frameworks. Secure Development Frameworks List of Secure Development Frameworks: Secure Software Development Framework (SSDF) OWASP Security Knowledge Framework (OWASP-SKF) SEI CERT Coding Standards Secure Software Development Framework (SSDF) Secue Software Development Framework (SSDF)…

ISO/IEC 27000-series

The ISO/IEC 27000-series is a set of standards related to information security and publish by ISO and IEC. It provides recommendations on information security, in the context of a Information Security Management System (ISMS). Standards included on ISO/IEC 27000-series As…

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes. PCI DSS applies for: Online payments Point-of-Sales etc. SAQ = Self-Assessment Questionnaire  PCI DSS…

List of Penetration Testing Methodologies

This post lists some industry-standard penetration testing methodologies. OWASP Web Security Testing Guide OSSTMM NIST SP 800-115 FedRAMP Penetration Test Guidance PCI DSS Information Supplement on Penetration Testing List of industry-standard penetration testing methodologies OWASP Web Security Testing Guide …