NYDFS penetration testing and vulnerability assessment requirements
/plugin marketplace add ethanolivertroy/claude-grc-engineering/plugin install nydfs@grc-engineering-suite# NYDFS Penetration Testing Plan Comprehensive guidance for meeting 23 NYCRR 500.05 penetration testing and vulnerability assessment requirements. ## Arguments - `$1` - Testing type (required: pentest, vulnerability-assessment, both) - `$2` - Scope (optional: internal, external, web-app, cloud, comprehensive) ## Regulatory Requirement **Section 500.05**: Penetration Testing and Vulnerability Assessments "Based upon its Risk Assessment, each Covered Entity shall conduct: - **Annual penetration testing** of Information Systems - **Bi-annual (twice yearly) vulnerability assessments** of I...