Podme logo
KotiLöydäKategoriatEtsiOpiskelijoille
7MS #358: 4 Ways to Write a Better Pentest Report

7MS #358: 4 Ways to Write a Better Pentest Report

39:582019-04-16

Jaksokuvaus

This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free! This week we're talking about everybody's favorite topic: REPORT WRITING! Yay! The peasants rejoice! In the last few months I've seen a lot of reports from other companies, and here are a few key problems I see with them: Too long - overall these things are waaAAaAaaAayyyYYYYYYyyy too long. I see reports where the analyst has copied and pasted an entire Nessus report into the main report. Yikes. That makes these things weigh in at hundreds(!) of pages. Too techie - these reports look like their written from one techie to another. Nothing wrong with that, really, however in many cases the key person that needs to "get it" is a manager or C-level position who needs to understand the risks in plain English. No narrative - the reports are just a long laundry list of vulnerabilities without any context of how the pentest was conducted or which vulns should be fixed first. Weak remediation - most of the findings are accompanied by whatever remediation instructions are provided by the vuln-scanner or other tool. We can do better than this! How? Listen to today's episode :-). Oh, and don't forget to come to the next 7MS User Group meeting on Monday, April 22! Details here!

logo

PODME

TIEDOT

  • Evästekäytäntö
  • Käyttöehdot
  • Tietosuojakäytäntö
  • Medialle

LATAA SOVELLUKSEMME!

app storegoogle play store

ALUEELLA

flag
  • sweden_flag
  • norway_flag
  • finland_flag

© Podme AB 2024