https://community.isc2.org/t5/Member-Support/Port-scanning-test-and-report-approved-by-GSA/m-p/3494#M335 <P>No such thing by standard.&nbsp; The closest you'll get is the FedRAMP process for cloud providers:</P><P>&nbsp;</P><P>fedramp.gov</P><P><A href="https://www.fedramp.gov/provide-public-comment/vulnerability-scanning-requirements-and-process-clarification/" target="_blank">https://www.fedramp.gov/provide-public-comment/vulnerability-scanning-requirements-and-process-clarification/</A></P><P>&nbsp;</P><P>&nbsp;</P><P>ask your customers if that's what they mean.</P> Sun, 12 Nov 2017 00:37:32 GMT MrJackBadger 2017-11-12T00:37:32Z https://community.isc2.org/t5/Member-Support/Port-scanning-test-and-report-approved-by-GSA/m-p/3466#M329 <P>I don't know if there is such a thing, but I get asked from time to time if our products have been "GSA port scanned".&nbsp; Does the GSA have a document of recommendations or a framework or a toolset defined that I can run against my products to show 'compliance', or have some results?&nbsp; In the past we've had a few government facilities do their own scan and would/would not provide us results, depending.&nbsp; Is there a publicly available document that describes the requirements and "expected results"?&nbsp; Or is there really no such thing and it depends on the particular service or department (non-military)?</P> Thu, 09 Nov 2017 17:27:52 GMT https://community.isc2.org/t5/Member-Support/Port-scanning-test-and-report-approved-by-GSA/m-p/3466#M329 dbohlmann 2017-11-09T17:27:52Z https://community.isc2.org/t5/Member-Support/Port-scanning-test-and-report-approved-by-GSA/m-p/3494#M335 <P>No such thing by standard.&nbsp; The closest you'll get is the FedRAMP process for cloud providers:</P><P>&nbsp;</P><P>fedramp.gov</P><P><A href="https://www.fedramp.gov/provide-public-comment/vulnerability-scanning-requirements-and-process-clarification/" target="_blank">https://www.fedramp.gov/provide-public-comment/vulnerability-scanning-requirements-and-process-clarification/</A></P><P>&nbsp;</P><P>&nbsp;</P><P>ask your customers if that's what they mean.</P> Sun, 12 Nov 2017 00:37:32 GMT https://community.isc2.org/t5/Member-Support/Port-scanning-test-and-report-approved-by-GSA/m-p/3494#M335 MrJackBadger 2017-11-12T00:37:32Z https://community.isc2.org/t5/Member-Support/Port-scanning-test-and-report-approved-by-GSA/m-p/3598#M352 <P>I will keep that in mind since we do have cloud services.&nbsp; Thanks.</P><P>&nbsp;</P><P>The customer was asking in particular for a router that we make, though.</P> Tue, 14 Nov 2017 20:57:00 GMT https://community.isc2.org/t5/Member-Support/Port-scanning-test-and-report-approved-by-GSA/m-p/3598#M352 dbohlmann 2017-11-14T20:57:00Z