The ISSAF is OISSG's flagship project. It is an effort to develop an
end-to-end framework for security assessment. The ISSAF aims to provide
a single point of reference for professionals involved in security
assessment; it reflects and addresses the practical issues of security
assessment. The ISSAF is an evolving framework and it will be further
amended and updated.
ISSAF Draft0.2 is divided into two parts 1. ISSAF0.2.1A and 2. ISSAF0.2.1B. Draft 0.2.1B contains chapters related to Penetration Testing. Please refer ISSAF0.2.1A for engagement management and good practices during assessment. It also has an index (PDF bookmarks and tags) for your viewing convenience.
ISSAF Draft0.2 is divided into two parts 1. ISSAF0.2.1A and 2. ISSAF0.2.1B. Draft 0.2.1A contains entire ISSAF except chapters related to Penetration Testing. It also has an index (PDF bookmarks and tags) for your viewing convenience.
This is a re-release of ISSAF 0.2. Content is the same, but an index (pdf bookmarks) has been added for your viewing convenience and several layout issues have been fixed.
ISSAF version 0.2 is being released to the industry on the basis of extensive testing by a number of information security specialists working
across the world, on different platforms for security assessments at
organizations in different vertical markets. It is being released for use
by organizations and assurance professionals, subject to appropriate open
licensing terms.
The ISSAF is OISSG's flagship project. It is an effort to develop an
end-to-end framework for security assessment. The ISSAF aims to provide
a single point of reference for professionals involved in security
assessment; it reflects and addresses the practical issues of security
assessment. The ISSAF is an evolving framework and it will be further
amended and updated.
