What's in a Pentest report?

Tibo Claesens · 2 min read

A penetration test is defined as a test of one or more computer systems for vulnerabilities, in which those vulnerabilities are actually used to break into the systems (according to Wikipedia).

So we search for vulnerabilities that attackers could exploit to gain access they were never meant to have. That is what we do. But every one of our projects always comes with a report. Otherwise, you as a company wouldn't benefit much from it either ;).

Every report that ZeroBit delivers will contain the following:

A management summary, where management can see at a glance what exactly happened and how bad (or how good!) things are.

A list of all observations discussed in the report, including their risk rating.

After that, we go into detail per observation and discuss the following:

Description: What exactly is the observation, and why do we consider it worthy of inclusion in the report?

Likelihood: What is the chance that this observation will be exploited by an attacker?

Impact: If an attacker does manage to exploit this vulnerability, what does this mean for our business?

Recommendation: What do we need to do to remediate this?

Proof of concept: Evidence of how we achieved this. Ideal for verifying, once the recommendation has been implemented, whether the issue has actually been resolved.

Finally, there is always an Annex. Here we will, for example, explain how we calculated the score of the observations. Where applicable, we also add some extra reports here. Think of long lists of information that do not immediately add value in the report.

All of this is of course delivered with a proper layout and quality control. We attach great importance to the quality of everything that leaves "our door".

Questions?

Feel free to reach out — I'm always happy to chat about security.
