The Future of Penetration Test Reporting is here now

The Future of Penetration Test Reporting and it's importance

Explore the future of pentest reports as we unveil the next-generation approach. Discover what's on the horizon for cybersecurity assessments and reporting.

Conor O'Neill
Conor O'Neill
Founder & Chief Product Officer
August 30, 2018

The traditional pentest is dead

Clients are sick of the old-school model of being charged an extra day for a pen-tester to create a drawn-out PDF. They are sick of the waiting too - a week or two weeks is simply too long for agile teams to wait to find out about issues.

The format is broken

Old school pdf Pentest reports have either far too much or too far little detail, depending on who is reading them a CEO or a CIO.

However, with OnSecurity all findings are reported securely online so it's much easier for users to filter the information and decide for themselves the level of detail they need to see.

Management can see top-line actions, while developers and security teams can drill down into the technical detail.

A penetration test report executive summary

Real Security requires Real-time reporting.

Waiting 3 weeks for a test to start and 2 weeks after the test has finished to receive the results isn't good enough anymore. The fact is, most vulnerabilities found during a pen-test can be shared within hours, not weeks.

Our testers report their findings in real time when the information is fresh, evidence is available and the tester motivated.

Report showing security issues in real-time

Online reporting changes the dynamic

Developers can now speak to testers directly via Slack clarifying issues and remediation advice. This allows them to fix issues as we find them and have them retested for free within the testing window.

Clients chatting with pentestesters via Slack


About Conor O'Neill

Conor is our Co-Founder and Head of Product Strategy at OnSecurity. Conor has over a decade of IT security experience, and has held a number of impressive letters after his surname, including M.Sc, CRT, GCIH and CISSP.

Feel free to connect with him on LinkedIn or get in touch with us at OnSecurity to discuss how we can help your business get more insight from your security reporting.

More recommended articles

© 2024 ONSECURITY TECHNOLOGY LIMITED (company registered in England and Wales. Registered number: 14184026 Registered office: Runway East, 101 Victoria Street, Bristol, England, BS1 6PU). All rights reserved.