📈Viewing and downloading reports and executive summaries

How to download the pentest results including the pentest report, certificate, and CSV export.

Reports

The final report is typically delivered two business days after the end date of active testing. Once testing is completed—and before we send the report—we fully scrutinize and evaluate the findings, collect any final necessary evidence, calibrate the risk, and perform internal QA on the report document. The document is one inclusive report for all components within scope unless other requirements were outlined before active testing began.

The report includes the following information:

Table of contents
Testing overview
Testing dates
Specific assets and components in scope
Calibrated scoring overview
Uniquely numbered sections for each vulnerability, including:
- Vulnerability name and class
- Vulnerability severity for both impact (CVSS) and risk (DREAD)
- Vulnerability location and affected entities
- Description of the vulnerability
- Specific impact of the vulnerability (also reflected in scoring)
- Mitigation (remediation) solutions and security recommendations
- Steps to replicate (reproduce) each issue
- Evidence or Proof of Concept (POC) for each vulnerability (or both, if necessary)
- Additional external links and references

The pentest report is delivered directly through Portal. This allows you to easily control who has access to the report by managing your portal users and their permissions.

We strive to make the report as detailed and actionable as possible; let us know if you require additional information. We can schedule a read-out call to go over the report in detail, or we can answer questions over email or Slack.

Downloading your PDF pentest report

In the project selection bar, choose which project you would like to download a report for.
Open the Reports & Executive Summaries tab.
Optional: Click Customize Report to change what appears in the downloaded report or executive summary.
Click the download button for the desired pentest, and select the report option.

Executive Summaries

The pentest Executive Summary is an externally facing document that is a condensed version of the report. This document is best suited to be distributed to clients, auditors, and other external stakeholders.

Download the pentest executive summary

In the project selection bar, choose which project you would like to download a certificate for.
Open the Reports & Executive Summaries tab.
Use the test range selector to view the pentests that you want to view—either by date range or by test.
Optional: Click Customize Executive Summary to change what appears in the downloaded executive summary.
Click the download button for the desired pentest, and select the executive summary option or the abbreviated executive summary option.

Exporting vulnerabilities as CSV

Exporting your vulnerability information in a .csv file is an easy way to help move the information into other bug-tracking platforms that you may use. Copying vulnerability information to your clipboard is another easy way to help move the information into your bug-tracking platform.

In the project selection bar, choose which project you would like to export vulnerability information for.
Open the Vulnerabilities tab.
Using the table multiselect, select the vulnerabilities that you want to include in the CSV file.
Click Export CSV from the bulk actions dropdown.

PreviousConsultation requests

Last updated 2 months ago

Was this helpful?