✅Pentest Checklist

The pentest checklist is a short questionnaire to help ensure that both teams are prepared for the upcoming pentest to begin on time. Submitting the pentest checklist on time helps our team maximize their time and provides as much coverage as possible.

The information we gather via the pentest checklist gives our team everything we need to hit the ground running on the first day of testing. The contents of the checklist vary depending on the type of testing performed.

It will ask you for information such as:

• New features and use cases in scope for your pentest (new since the last test).

• Availability for a demo meeting.

• Confirmation that the scope is accurate.

• URLs and scoping confirmation for environments.

• x2 sets of access credentials to your system (sent through a secure link).

• VPN configuration information, if applicable.

You will receive reminders to fill out the checklist via email and Slack 2 weeks before the pentest scheduled start date. You will receive a separate pentest checklist for each project. Multiple team members can participate in filling out the checklist as it auto-saves the information automatically.

If you are a Penetration Testing as a Service (PTaaS) client, you will not need to re-complete this checklist every time. Once the pentest checklist is completed the first time, you will only need to go back and make edits if necessary. If you have changes to any element of the questionnaire (such as new features in scope for the test or a new URL to the test environment), please ensure these updates are made to the checklist ahead of your next pentest.

Finding the Checklist in Portal:

1. Log in to portal and select the project you wish to view. If you need to fill out the checklist, the Project Details card will warn you:

1. To view the checklist, navigate to the checklist tab:

Checklist FAQ