search

📈Pentest Reports

How to download the pentest results including pentest report, CSV export and pentest certificate.

The final report is typically delivered two business days after the end date of active testing. This allows us to fully scrutinize and evaluate the findings, collect any final necessary evidence, calibrate the risk, and perform internal QA on the report document. The document will be one inclusive report for all components within scope unless other requirements were outlined prior to the start of active testing.

The report will include the following:

  • Table of Contents

  • Testing Overview

  • Testing Dates

  • Specific assets/components in scope

  • Calibrated Scoring Overview

  • Uniquely numbered sections for each vulnerability, including:

    • Vulnerability name/class

    • Vulnerability Severity, both impact (CVSS) and risk (DREAD)

    • Vulnerability location/affected entities

  • Description of the vulnerability

  • Impact of the specific instance (also reflected in scoring)

  • Remediation recommendations

  • Steps to reproduce each issue

  • Evidence and/or Proof of Concept (POC) for each vulnerability

  • Additional external links/references

We strive to make the report as detailed and actionable as possible; please let us know if you require additional information. The report will be delivered via a secure transmission medium such as SendSafelyarrow-up-right. This provides access controls to only the authorized emails to download the report. Please let us know if you require additional team members to download the report so we can grant access.

hashtag
Reports

The pentest report is an in-depth and actionable report for your internal team to help with scoring, descriptions, impacts, evidence, steps to reproduce and remediation recommendations.

To download the PDF version of your pentest report:

  1. Select the project you would like a report for from the project selection bar

  2. Open the Reports & Certificates tab

  3. Use the date selector to view the pentests from the date range you would like, and use the report download button:

hashtag
CSV Files

Exporting your vulnerability information in a CSV format is an easy way to help move the information into other bug-tracking platforms that you may use. Copying vulnerability information to your clipboard is another easy way to help move the information into your bug-tracking platform.

To download the CSV version of your pentest report:

  1. Go to the "Dashboards" or “Vulnerabilities” section in the top menu.

  2. If you went to your “Dashboard", scroll down to the "My Projects" section and select “View Vulnerabilities” to open the project you wish to download the CSV file for.

  3. If you went to “Vulnerabilities”, select the project you wish to download the CSV file for.

  4. On the left-hand side, select the vulnerabilities you wish to include in the CSV file.

  5. Click “Export CSV”

hashtag
Certificates

The Pentest certificate, also known as "Executive Summary", is an externally facing document that is a trimmed-down version of the report. This is best suited to be distributed to clients, auditors, and other external stakeholders.

To download your pentest certificate:

  1. Select the project you would like a report for from the project selection bar

  2. Open the Reports & Certificates tab

  3. Use the date selector to view the pentests from the date range you would like, and use the certificate download button

PreviousPentest ResultsNextRetesting

Last updated

Was this helpful?