22 min listen
A Penetration Testing Findings Repository
A Penetration Testing Findings Repository
ratings:
Length:
26 minutes
Released:
Jun 13, 2023
Format:
Podcast episode
Description
In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI) Marisa Midler and Samantha Chaves, penetration testers with the SEI’s CERT Division, talk with Suzanne Miller about a penetration-testing repository that they helped to build. The repository is a source of information for active directory, phishing, mobile technology, systems and services, web applications, and mobile- and wireless-technology weaknesses that could be discovered during a penetration test. The repository is intended to help assessors provide reports to organizations using standardized language and standardized names for findings, and to save assessors time on report generation by having descriptions, standard remediations, and other resources available in the repository for their use. The repository is currently an open-source document hosted on the Cybersecurity and Infrastructure Agency (CISA) Github website.
Released:
Jun 13, 2023
Format:
Podcast episode
Titles in the series (100)
Building Staff Competence in Security: In this podcast, Barbara Laswell describes specifications that define the knowledge, skills, and competencies required for a range of security positions. by Software Engineering Institute (SEI) Podcast Series