Scanners & Frameworks

Beacon Standards integrates with industry-leading security tools and aligns with established penetration testing frameworks.

Supported Scanners

Nmap

Network Discovery
Tier 1 & 3

Industry-standard network reconnaissance tool for port scanning, service detection, and OS fingerprinting. Essential for Tier 1 network findings.

Critical open port detection (T1190)
Service enumeration
Network mapping
Learn more

Nessus Professional

Vulnerability Scanning
All Tiers

Comprehensive vulnerability scanner for network assets, cloud infrastructure, and web applications. Provides CVE-based findings with CVSS scoring.

CVE detection across all tiers
Configuration auditing
Compliance checks
Learn more

Burp Suite Professional

Web Application Testing
Tier 1 & 2

The de facto standard for web application penetration testing. Identifies OWASP Top 10 vulnerabilities through automated and manual testing.

SQL injection (T1190)
Authentication bypass
Session management flaws
Learn more

PROWLER

Cloud Security
All Tiers

Open-source cloud security tool for AWS, Azure, and GCP. Performs CIS Benchmark checks and identifies cloud misconfigurations.

IAM policy analysis
S3 bucket exposure
Network ACL gaps
Learn more

Cloudsploit

Cloud Security
Tier 1 & 2

Multi-cloud security scanning for AWS, Azure, GCP, and Oracle Cloud. Focuses on configuration issues and compliance violations.

Cross-cloud analysis
Compliance mapping
Real-time monitoring
Learn more

Nuclei

Vulnerability Scanning
Tier 1 & 2

Fast, template-based vulnerability scanner. Community-maintained templates for CVE detection and misconfiguration identification.

Custom vulnerability templates
CVE exploitation checks
Automated reconnaissance
Learn more

Testing Frameworks

OWASP Testing Guide

v4.2

Comprehensive web application security testing methodology. The definitive guide for manual and automated web security assessments.

OWASP Top 10 2021ASVS 4.0WSTG categories
Official documentation

MITRE ATT&CK

v14

Adversary tactics and techniques knowledge base. Beacon Tier 1 findings map directly to ATT&CK techniques for threat-informed defense.

Initial Access (TA0001)Persistence (TA0003)Privilege Escalation (TA0004)
Official documentation

PTES

1.0

Penetration Testing Execution Standard. Provides a common language and methodology for penetration testing engagements.

Pre-engagementIntelligence gatheringExploitation
Official documentation

NIST CSF

2.0

Cybersecurity Framework for risk management. Beacon tiers align with NIST CSF functions for organizational context.

IdentifyProtectDetectRespondRecover
Official documentation

Integration Strategy

1

Configure Scanners

Deploy selected scanners with Beacon-aligned policies. Focus on high-value findings that map to tier classifications.

2

Normalize Output

Map scanner findings to Beacon tiers using CVSS scores, MITRE techniques, and compliance framework references.

3

Apply SLAs

Route findings to appropriate teams with tier-based SLAs. Track remediation metrics and escalate overdue items.

View TiersAbout Beacon