The procedure for a pentest
3. Vulnerability Assessment
4. Actively exploiting vulnerabilities identified.
5. Final Analysis and Review
This comprehensive report includes narratives of where we started the testing, how we found vulnerabilities, and how we exploited them.
Where applicable, it will also state the penetration tester’s opinion of whether or not your penetration test adheres to applicable framework requirements.
6. Utilize the Testing Results
The organization being tested must actually use the findings from the security testing to risk rank vulnerabilities, analyze the potential impact of vulnerabilities found, determine remediation strategies, and inform decision-making moving forward.