The result of every test we perform is a comprehensive report. It consists of three parts:
- The management summary. It contains a high level summary of all findings and a general risk assessment for a non-technical audience. Additionally it contains a list of general recommendations how your security can be improved even further, beyond only fixing the vulnerabilities identified in the test.
- The table of vulnerabilities. It is comprised of a list of all vulnerabilities identified during the test, the resulting threats and risks, as well as detailed technical recommendations on how to fix or mitigate the vulnerabilities.
- The technical test protocol. It contains technical details on how NSIDE identified the vulnerabilities uncovered during the test. Thus not only the technical specifics can be analyzed in more detail. Also, after deploying fixes or mitigations, the findings can be easily reproduced either by your staff or by us to verify that vulnerabilities were really fixed.
Using our detailed report, you can understand your vulnerabilities in detail, assess your risks, and systematically improve the security of your organization, system or product.
Following the completion of our tests there is a debriefing and final presentation with all individuals involved in the test in order to discuss all findings, their implications, how to fix them, and any questions our customers might have. This final presentation can either be given over the phone, using web conferencing systems, or on our customer’s site. For any questions you might have, even after the conclusion of our project, we are always happy to help!