12 ROLE AND COVERAGE OF REPORTING

Gemma Moore

Following any penetration test, you will generally receive a formal report from your penetration test provider. In this chapter, we will explore the role and purpose of a penetration test report, the type of content that will be included and how to use the report content most effectively within your business. A penetration test report, when well-written, will illuminate your technical risks, providing clarity around the business context of the vulnerabilities present with pragmatic advice to treat the risks. Understanding what you need from a penetration test report, and how to interpret report content, can greatly improve the efficacy of your technical assurance activities.

PURPOSE OF REPORTING ...

Get Penetration Testing: A guide for business and IT managers now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.