At a Glance
A vital stage in any Development Lifecycle is the testing phase including FAT and SAT. For any project that is business critical there are several tests to be carried out before 'Go Live' and these include checking for known coding errors, a vulnerability check and a penetration test. Once these have been carried out and any high-level findings addressed, the project will be in a much better place!
In addition, the understanding of what to audit and what does a satisfactory level of compliance look like may well vary from system to system and industry sector to industry sector. Having a view of what this bigger picture looks like as well as understanding the set of metrics that will help prove the current position is key to any business after all security is really difficult to prove when the best result is 'nothing happens'!!
Our courses have been designed to help users understand this approach whether they are looking into the available Open Source information that a company may not be aware is leaking out to the wider world or carrying a full penetration test to see what holes there are.
Although there is a huge resource set for this subject quite often the comment we hear from customers is "But I don't know where to find it!". Therefore, below are a set of links to useful resources and related sites:
Government - UK
Government - US