20.1: Establish a Penetration Testing Program
CSF v1.1 References:
PF v1.0 References:
- Critical Security Controls Version 8:
- 18.1: Establish and Maintain a Penetration Testing Program
Establish a program for penetration tests that includes a full scope of blended attacks, such as wireless, client-based, and web application attacks.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]