What is the NCSP® 800-115 Foundation Certificate?

The NCSP® 800-115 Foundation Certificate provides a structured, practitioner-ready understanding of the security testing and assessment methodologies defined in NIST SP 800-115. It prepares learners to apply penetration testing, vulnerability scanning, and security assessment practices across organisational cybersecurity programs.

Who owns and governs the NCSP® 800-115 Foundation Certificate?

The NCSP® 800-115 Foundation Certificate is globally owned by CySec Professionals Ltd and governed by The Digital Trust Institute® (DTI®), ensuring alignment with NIST CSF 2.0, NIST SP 800-115, and NIST Special Publications.

How does this course align with NIST SP 800-115?

The course provides a deep understanding of NIST SP 800-115, including security assessment planning, penetration testing, vulnerability scanning, and reporting, and how these practices integrate with NIST CSF 2.0 and enterprise cybersecurity programs.

Is NCSP® 800-115 Foundation considered official NIST training?

NCSP® training is not generic NIST training. It is a governed, trademarked credential ecosystem aligned to NIST CSF 2.0, NIST SP 800-115, and NIST Special Publications, with formal ownership and governance.

Who is authorised to deliver NCSP® 800-115 Foundation training?

Only organisations formally authorised by CySec Professionals Ltd may deliver NCSP® training or assessments. Unauthorised use of NCSP® trademarks is prohibited.

NIST Cybersecurity Professional®
NCSP® 800-115 Foundation Certificate

Learn the Fundamentals of Technical Security Testing with NIST SP 800‑115

NIST Cybersecurity Professional®

NCSP® 800-115 Foundation Certificate

Course Description

Modern organisations must validate the effectiveness of their cybersecurity controls through structured, repeatable, and ethically governed technical security testing. NIST SP 800‑115 provides the authoritative methodology for planning, executing, and reporting security tests, including vulnerability assessments, penetration testing, and security evaluation techniques.

The NCSP® 800‑115 Foundation Certificate is a 2‑day, instructor‑led course introducing participants to the concepts, processes, and testing methodologies defined in the NIST SP 800‑115 Technical Guide to Information Security Testing and Assessment.

This course teaches how to plan and conduct security tests aligned with NIST guidance, how to select appropriate testing methods, and how to integrate testing activities into NIST CSF 2.0, risk management, and continuous improvement programs.

What You Will Learn

Participants gain foundational knowledge required to apply NIST SP 800‑115 concepts across security testing programs. You will learn:

How NIST SP 800‑115 supports NIST CSF 2.0, risk management, and continuous monitoring.
The structure, terminology, and testing methodologies defined in NIST SP 800‑115.
How to plan, scope, and authorise security testing activities.
How to apply vulnerability scanning, penetration testing, and security assessment techniques.
How to analyse findings, document results, and support remediation.
How to integrate testing into ongoing cybersecurity operations and improvement cycles.

Course Agenda

Day 1: Security Testing Foundations & Methodologies

Module 1: Introduction to NIST SP 800‑115

Overview of the Technical Guide, its purpose, and alignment with NIST CSF 2.0 and risk management.

Module 2: Security Testing Concepts

Core concepts including testing types, objectives, constraints, and ethical considerations.

Module 3: Planning & Scoping Security Tests

Defining objectives, selecting methods, establishing rules of engagement, and preparing test plans.

Module 4: Testing Methodologies

Applying vulnerability scanning, penetration testing, and security assessment techniques.

Day 2: Execution, Analysis & Continuous Improvement

Module 5: Conducting Security Tests

Executing tests safely and effectively while maintaining control, documentation, and evidence integrity.

Module 6: Analysing & Reporting Results

Evaluating findings, prioritising risks, and producing actionable reports for stakeholders.

Module 7: Integrating Testing into Cybersecurity Programs

Embedding testing activities into CSF 2.0, RMF, and continuous monitoring processes.

Module 8: Improving Testing Maturity

Enhancing testing repeatability, governance, and alignment with organisational security objectives.

Learning Outcomes

Participants will be able to:

Explain how NIST SP 800‑115 supports NIST CSF 2.0, risk management, and continuous monitoring.
Identify and describe the testing methodologies defined in NIST SP 800‑115.
Plan and scope security testing activities aligned with organisational objectives.
Conduct vulnerability assessments and penetration testing using NIST‑aligned techniques.
Analyse test results, document findings, and support remediation efforts.
Integrate security testing into ongoing cybersecurity operations and improvement cycles

Who Should Attend?

This course is designed for professionals responsible for conducting, managing, or overseeing security testing activities, including:

Penetration Testers & Security Assessors
Cybersecurity Analysts & Engineers
Vulnerability Management Teams
Risk Management & Compliance Personnel
DevSecOps & Application Security Teams
System Integrators & Technology Vendors
Program & Project Managers supporting security testing initiatives

Prerequisites

There are no formal prerequisites for this Foundation‑level course, though a basic understanding of cybersecurity concepts and the NIST CSF is recommended.

Participants are provided with:

NIST Cybersecurity Professional® (NCSP®) 800-115 Foundation Certificate courseware including links to further reading and resources.
NIST Cybersecurity Professional® (NCSP®) 800-115 Foundation Certificate, Certificate of Completion.
NIST Cybersecurity Professional® (NCSP®) 800-115 Foundation Certificate digital badge.