← Frameworks / Threat-Led Testing

CBEST Threat Intelligence-Led Penetration Testing

Bank of England framework for intelligence-led penetration testing of UK financial infrastructure. Prescribes threat intelligence gathering, red team execution, blue team assessment, and remediation for systemically important financial institutions. Requires accredited threat intelligence providers (TIPs) and penetration testing providers (PTPs). Complementary to PRA operational resilience requirements.

Clauses: 10

Avg Coverage: 61.8%

Publisher: Bank of England Version: 2021

CBEST → SP 800-53 SP 800-53 → CBEST Coverage Analysis

Clause	Title	SP 800-53 Controls
CBEST.1	Governance and Oversight	PM-01 PM-02 PM-09 PM-14 PM-29 PL-01 PL-02 CA-01 CA-06
CBEST.2	Threat Intelligence Phase	PM-16 RA-03 RA-05 RA-10 PM-15 SI-05
CBEST.3	Penetration Testing Scope	CA-08 PM-11 PM-08 RA-09 RA-02 CM-08 CM-12
CBEST.4	Red Team Execution	CA-08 SC-26 SC-35 RA-06 RA-10
CBEST.5	Blue Team Assessment	SI-04 AU-06 AU-13 IR-04 IR-05 CA-07 PM-14 SC-07
CBEST.6	Findings and Remediation	CA-05 PM-04 RA-05 RA-07 SI-02 PM-31
CBEST.7	Assurance and Reporting	CA-02 CA-05 CA-07 PM-06 PM-14
CBEST.8	Provider Qualification	SA-04 SA-09 SA-21 PS-03 PS-07 SR-06
CBEST.9	Data Handling and Confidentiality	SC-08 SC-12 SC-13 SC-28 MP-01 MP-04 MP-05 MP-06 PT-01 PT-02 SI-12 AC-03
CBEST.10	Continuous Improvement	PM-31 CA-02 CA-05 CA-07 IR-03 AT-06 PM-06 PM-14