13. INTERPRETATION AND APPLICATION OF REPORT OUTCOMES

13 INTERPRETATION AND APPLICATION OF REPORT OUTCOMES

Gemma Moore

Once you have received your penetration test report, you need to decide how to use it and what to do with the information therein. In this chapter, we look at the usefulness of debrief meetings, the importance of applying business context to the technical risks identified, and how to integrate findings into bug trackers and ticket managers.

ON DEBRIEFS

When interpreting a penetration test report, it is important to understand the limitations of written communications that surround the production of a report written by an external penetration tester. In this context, considerations to be borne in mind include the following:

• The test consultant who has performed your penetration ...

Get Penetration Testing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Penetration Testing by James Hayes, Nick Furneaux, Jims Marchang, Rob Ellis, Jason Charalambous, Moinuddin Zaki, Peter Taylor, Roderick Douglas, Felix Ryan, Ceri Charlton, Gemma Moore, Tylor Robinson, Sharif Gardner

13 INTERPRETATION AND APPLICATION OF REPORT OUTCOMES

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly