Identifying the best Methods for Passive and Active Cybersecurity Assessment

Grinwis, Iwan (2021)

Companies currently struggle to find the right way to assess their cybersecurity, because the industry is growing fast and a large number of assessment methods are available. NIST proposed 5 functions every company should comply with in order to reduce cyber risks, but here too there is close to no literature on which methods for doing so will best protect the company. In this paper, we set out to find which set of methods for both passive and active cybersecurity would provide a company with the most complete cybersecurity assessment while taking the NIST proposed functions into consideration. To achieve this, we analyzed a set of methods, compared them to each other in tables, and pointed out the advantages and shortcomings of each. We proposed 4 sets of methods that cover the most NIST functions and provide the company with the most complete experience, covering a lot of aspects.