📄Assessment Testing

Overview

In the testing phase, you will remain updated throughout the phase with consistent communication and real-time vulnerability reporting.

1. Real-time Communication

Efficient communication is essential for successful pentests. We utilize Slack as our primary hub for real-time, synchronous interactions. Users can leverage Slack's Video and Audio calling features for immediate collaboration.

For each pentest, 3 distinct Slack channels facilitate streamlined communication:

• Customer Channel: Only visible to organization members involved in the assessment.

• Pentester Channel: Exclusive to pentesters for internal discussions.

• Stakeholder Channel: Visible to all stakeholders for a comprehensive assessment overview.

2. Real-time Findings

Prompt reporting of vulnerabilities through our platform ensures continuous assessment updates. Pentesters are encouraged to report findings immediately, providing current insights into your asset's security posture. Check here for details on Manage Reports Guide

• Overview: Track assessment progress, severity of findings, communication channels via Slack, vulnerability reports, pentest team details, and asset scope.

• Scope: Details of assessed assets, including types, identifiers, and status in addition to the testing checklist.

• Reports: Submitted vulnerability reports with severity and current status.

• Pentesters: List of assigned pentest team members.

• Details: Specifics about assessment timeline, in-scope assets, and rules of engagement.

• Attachment: Management and display of assessment-related files.

• Settings: Configuration of assessment preferences and settings.

3. Updating Assessment Phase to Reporting

Once the pentest team has completed the testing, the reporting phase begins which includes validating identified vulnerabilities, preparing comprehensive report, and scheduling debriefing sessions to discuss outcomes.

Related Articles