The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities.

Andres Riancho has released w3af 1.0 – the Web Application Attack and Audit Framework.This framework is written in python and resembles a bit to metasploit having an architecture based on plugins

One of the objectives of this security standards portal named “ICT Security Standards Roadmap” is to provide a central tracking facility for NIS standards. It facilitates identification of standards and standardization activities, as well as coordination among standardization bodies, reduction of duplicate work and easier identification of existing gaps.

NIST publications : Guidelines on Cell Phone Forensics, Guide for Assessing the Security Controls in Federal Information Systems, Guidelines on Securing Public Web Servers, User’s Guide to Securing External Devices for Telework and Remote Acces, Specification for the Extensible Configuration Checklist Description Format (XCCDF)