O'Reilly logo
  • Junior Santiago thinks this is interesting:

NIST SP 800-115: Technical Guide to Information Security Testing and Assessment

From

Cover of CompTIA Cybersecurity Analyst (CSA+) Study Guide

Note

800-30 Risk = Threat × Vulnerability
800-115 Pentest 4phases