Comparative Study of Computer Security Methodologies for Countering Cyber Attacks

Abstract

Nowadays, computer security ensures the absence of risks in any of the elements of a system such as hardware, software, computer-human resources, networks, users, data, and procedures, interrupting that any user or personnel without authorization can have access to the information contained in the system and avoiding modifying, damaging, altering, eliminating and/or giving it any treatment that is not authorized. That is why large organizations or IT researchers developed methodologies ((a) ISSAF Methodology, (b) OSSTMM Methodology, and (c) OWASP Methodology) that were implemented in different organizational environments and were effective in countering anomalies and cyber attacks. Therefore, the objective of the present research is the comparison of computer security methodologies to counter cyber attacks with the following criteria: Year of inception, Country of development, definition, characteristics, method, phases, benefits. These criteria were fundamental to compare the information of each development methodology presented to evaluate their functions and classify which one is more efficient to avoid some anomalies in an entity. As a recommendation, it is proposed to continue developing this research in different variables of evaluation based on the methodologies of computer security that help to encourage students to develop scientific articles based on computer security, information security, and mong others.