Design and validate assessment, test, and audit strategies
Key Concepts
InternalExternalThird-partyLocation based testing
Conduct security control testing
Key Concepts
Vulnerability assessmentPenetration testingRed teamBlue teamPurple teamLog reviewsSynthetic transactionsCode reviewMisuse case testingCoverage analysisInterface testingBreach attack simulationsCompliance checks
Collect security process data
Key Concepts
Account managementManagement reviewKPIsRisk indicatorsBackup verificationTrainingDRBC
Analyze test output and generate report
Key Concepts
RemediationException handlingEthical disclosure
Conduct or facilitate security audits
Key Concepts
Internal auditsExternal auditsThird-party auditsLocation based audits