13 INTERPRETATION AND APPLICATION OF REPORT OUTCOMES

Gemma Moore

Once you have received your penetration test report, you need to decide how to use it and what to do with the information therein. In this chapter, we look at the usefulness of debrief meetings, the importance of applying business context to the technical risks identified, and how to integrate findings into bug trackers and ticket managers.

ON DEBRIEFS

When interpreting a penetration test report, it is important to understand the limitations of written communications that surround the production of a report written by an external penetration tester. In this context, considerations to be borne in mind include the following:

The test consultant who has performed your penetration ...

Get Penetration Testing: A guide for business and IT managers now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.