What does an AVORD pentest report look like?
AVORD uses globally recognised standards such as the Penetration Testing Execution Standard (PTES). All reports are inputted directly into the platform in set fields and cannot be sent until completed correctly to our standards. We strive to increase quality and consistency across the reporting process.
Example of the headings that can be found in the AVORD reporting page
The Executive Summary
This section will communicate to the reader the specific goals of the Penetration Test and the high-level findings of the testing exercise. The intended audience will be those who are in charge of the oversight and strategic vision of the security program as well as any members of the organization which may be impacted by the identified/confirmed threats.
The executive summary should contain most if not all of the following sections:
Quality and Consistency
This section will communicate to the reader the technical details of the test and all of the aspects/components agreed upon as key success indicators within the pre engagement exercise.
The technical summary should contain most if not all of the following sections: