At RedTeam Security, we consider the delivery and reporting phase to be the most important and we take great care to ensure we’ve communicated the value of our service and findings thoroughly. Our penetration testing and red teaming deliverables consists of an electronic report that includes several key components including, but not limited to: Executive Summary, Scope, Findings, Evidence, Tools and Methodology.
In addition to the report, a raw file in comma-separated value (CSV) format is also provided in an effort to optimize the remediation and management of any identified findings.
The findings within our penetration testing and red teaming deliverables are communicated in a stakeholder meeting and typically presented in-person or virtually via Webex — whichever medium is most conducive for communicating results effectively. During this time, RedTeam Security consultants will walk through the report, in detail, to ensure all findings and their corresponding description, risk rating, impact, likelihood, evidence, and remediation steps are thoroughly understood. While this typically involves a single meeting, there is no limitation to that number. The key underlying message is that all information is clearly understood and that a roadmap toward remediation/mitigation is crystal clear.
Some of the key components to our penetration testing, red teaming and social engineering deliverables include, but are not limited to:
- Control Framework (ie: OWASP, PCI, PTES, OSSTMM)
- Executive Summary Narrative
- Technical Summary Narrative
- Report Summary Graphs
- Summary of Findings
- Findings (Description, Business Impact, Recommendation, Evidence, References, CVSS, Risk Rating Calculation)
- Methodology and Approach
- Risk Rating Factors
One of our core goals as an organization is education. We work to make sure your team has a full understanding of your red teaming or penetration testing deliverables at the close of our engagement and are available thereafter to conduct follow-up remediation testing at no additional cost.
Learn more about RedTeam Security's advanced Application, Network and Physical Penetration Testing, Social Engineering and Red Teaming services.