Website: https://www.isecom.org/research.html
The Open Source Security Testing Methodology Manual is a complete methodology for the testing, analysis and measurement of operational security towards building the best possible security defenses.
The OSSTMM is a good thing to use because it provides a structured and standardized approach to security testing that can help organizations identify and mitigate security risks before they can be exploited by attackers. It’s also open source and can be customized to meet specific needs, making it a highly accessible and relevant tool for security testing and analysis. Using the OSSTMM can help organizations improve their security and reduce the risk of security breaches.
This manual is maintained by ISECOM, the Institute for Security and Open Methodologies. It is a non-profit organization that focuses on research, development, and promotion of security testing methodologies, tools, and best practices.
ISECOM also offers several other resources related to cybersecurity education and best practices. Their Cybersecurity Playbook provides practical guidance and best practices to improve cybersecurity posture that are primarly targeted toward small and midsize business (SMBs). It covers a range of topics such as risk assessment, incident response, and vulnerability management. Jack of All Trades is set of sample inteview questions you can use to interview potential candidates in TI and cyberssecurity. They also offer Hacker High School–a project that offers free security education materials and training for teenagers. Its aim is to promote security awareness and skills among young people, and it includes lesson plans, videos, and interactive games. Overall, these resources are aimed at promoting a more open and collaborative approach to cybersecurity and improving security awareness and skills across a range of audiences.