There are testers who think I’m nutz for insisting that they sort any lists they include in their reports. Let me tell you my side of the story…
Month: August 2022
OWASP & The Top 10
The OWASP Top 10 details critical risks associated with web application security and is the defacto standard for web app security.
Include Command Strings – Penetration Test Reporting Tips
A good pentest report is supposed to be a teaching tool that provides the folks on the receiving end with information that makes it possible for them to do a lot of the same things we did. Here are a few reasons why we want them to do that.