Before I switched career paths to work in cybersecurity, I worked primarily as a web developer, but I have also worked on desktop and mobile app projects. Because of this, I have a keen sensitivity for how people on the receiving end of a penetration test report will view the findings.
Tag: pentest reports
Sort Your Lists – Penetration Test Reporting Tips
There are testers who think I’m nutz for insisting that they sort any lists they include in their reports. Let me tell you my side of the story…
Include Command Strings – Penetration Test Reporting Tips
A good pentest report is supposed to be a teaching tool that provides the folks on the receiving end with information that makes it possible for them to do a lot of the same things we did. Here are a few reasons why we want them to do that.
Hire an Editor – Penetration Test Reporting Tips
If you really, honestly, and truly want to take your reports to the next level, hire an editor.
Report As You Go – Penetration Test Reporting Tips
If what you did does not show up in your pentest report, it didn’t happen. So how do you make sure your report captures everything you did? (First in a series of posts.)