The OWASP Top 10 is a standard for developers and web application security. It represents a broad consensus about the most critical Top 10 security risks to web applications.
The OWASP FULL is a standard for developers and web application security. It represents all aspects of web application security risks and have the full coverage testing scope according to OWASP best practices
The OWASP Mobile Application Security Guidance (OWASP MASTG) is a comprehensive manual for mobile application security testing and reverse engineering for iOS and Android mobile security.
The PCI DSS version 2.0 (PCI SSC, 2010) requires that external and internal penetration be completed at least annually or when there are any significant changes to the environment.