📃Pentest Results

After each penetration test, your results will be automatically uploaded into the Portal. You will receive a notification by email (and Slack if you have the integration) when results are available.

To view your results:

1. Select the project you would like to view from the project selection bar.

2. Click on the "Vulnerabilities" tab.

You can also view the details, impact, mitigation tactics, replication steps, evidence, and comments for a specific vulnerability by selecting any vulnerability on the page:

On the sidebar, you can view the status, severity, SLA status, date identified, last updated, and any labels or participants.

After viewing your results, there are actions your team can take to tackle remediation. In the main menu of your project’s vulnerability dashboard, you can book a retest, copy to clipboard, export a CSV file, add labels, accept risk or reopen issues.

Adding Labels

You can add labels to your vulnerabilities making it easier to categorize and sort (e.g. by release, by assigned team, or by internal priority) Users can add up to 50 labels per project.

Accepting Risk

Org Admins and Project Admins can accept risk by selecting the vulnerability and clicking “Accept Risk”. When submitting a request to accept risk, a note will have to be provided as well as a timestamp. The issue will have another state called “Accept Risk”. It will be treated as “Closed”, meaning it is not visible by default in the list of vulnerabilities, and SLAs don’t apply to it.

Reopening Issues

Reopened means a vulnerability is detected, confirmed to be remediated, and then detected again. Reopening issues can be done by selecting the vulnerability you wish to reopen and clicking “Reopen Issue”. The issue is then marked “Updated” and back to the original risk rating. For any new report going out, the issue will be moved back to the main report.