cybersecurityEnglish · 1 year ago

Meaningful Infosec Company Certifications?

4

6

Meaningful Infosec Company Certifications?

cybersecurityEnglish · 1 year ago

4

Hi all,

I did a lot of research, but got the point where I wonder: Is there any real meaningful infosec certification a company could gain?

I can follow a lot of frameworks and do certifications on them (like ISO 27001, NIST CSF, ISACA COBIT, TISAX, etc.), but they all are looking at documents and processes which kind of prove the mindset, but not actual security.

I think about something like “company survived a 5-day pentest or regulary does blue team exercises”, etc., which show that the company can detect and respond and not only write documents.

Does anyone know about something like that? Or does this simply don’t exists yet?

Thanks for the input!

Chat

ashar
link
fedilink
English
arrow-up
2·
1 year ago
I don’t think any major company I know of could get through a pen test without the hackers getting through.

cybersecurity

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !cybersecurity@infosec.pub

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
2 users / week
99 users / month
1.46K users / 6 months
729 local subscribers
3.15K subscribers
391 Posts
1.36K Comments
Modlog