Chapter 17

Reporting Your Results

IN THIS CHAPTER

check Bringing your test data together

check Categorizing vulnerabilities you discover

check Documenting and presenting the results

If you’re wishing for a break after testing, now isn’t the time to rest on your laurels. The reporting phase of your security assessment is one of the most critical pieces. The last thing you want to do is run your tests, find security problems, and leave the job at that. Put your time and effort to good use by thoroughly analyzing and documenting what you find to ensure that security vulnerabilities are eliminated and your information is more secure as a result. Reporting is an essential element of the ongoing diligence that information security and risk management requires.

Reporting includes sifting through all your findings to determine which vulnerabilities need to be addressed and which ones don’t matter. Reporting also includes briefing management or your client on the various security issues you find, as well as giving specific recommendations for making improvements. You share the information you’ve gathered and give the other parties guidance on where to go from there. Reporting also shows that the time, ...

Get Hacking For Dummies, 6th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.