Common Attack Pattern Enumeration and Classification (CAPEC) | Overview | the Importance of Information Security Policies and Procedures

49. What is the Common Attack Pattern Enumeration and Classification (CAPEC) and why are information security policies and procedures so important today, and do you offer comprehensive I.T. security documentation?

The Common Attack Pattern Enumeration and Classification (CAPEC), according to http://capec.mitre.org/, is a community-developed list of common attack patterns along with a comprehensive schema and classification taxonomy. Attack patterns are descriptions of common methods for exploiting software systems, and such exploitation is becoming increasingly common in today’s world of information security as malicious individuals constantly seek to exploit vulnerabilities in software. For developers, building software with adequate levels of security is becoming an extremely challenging task, one that requires a sincere commitment to secure coding techniques.

Learn more about our signature product, the Global Information Security Compliance Packet (GISCP), the world's most complete security policy packet, containing over 2,850 pages of in-depth information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and much more.

Learn more today about the GISCP by viewing sample policies, forms, hardening documents, and more.

CAPEC, sponsored by the United States Department of Homeland Security, seeks to provide a publicly available catalog of attack patterns along with a comprehensive schema and classification taxonomy. CAPEC, like many other MITRE platforms, has a number of associated community-driven projects and platforms, all generally relating to best practices in the broader topic of information security.

Information Security Policies and Procedures | Download Today
While on the topic of CAPEC and information security, it’s also important for organizations to effectively document their daily operational and security practices, which ultimately requires developing comprehensive, enterprise-wide policy and procedural material. Not only are policies and procedures mandated for regulatory compliance, they also make sense from a best-practices security perspective. Flat Iron Technologies, LLC, a global leader in security documentation, offers the Global Information Security Compliance Packet (GISCP) set of operational, business-specific, and information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and more, for sale and download. Containing hundreds of essential compliance and security forms, the GISCP set of documents is a must-have for organizations serious about information security.

Information Security Policies for Compliance | Order Today
CAPEC is an essential component of the growing number of platforms within the broader scope of information security seeking to ensure confidentiality, integrity and availability (CIA), the essential I.S. triad. Yet another important component of CIA is having documented information security policies and procedures in place, such as those offered by securitypolicyportal.com.

GISCP - PREMIER Edition ($1,479.00)
