You can track pentests based on “Status” which defines which defines actions and who’s responsible:
- Requested – You have submitted a request and are working out details relating to budget, scope, and timeline
- Scheduled – The Pentest has been agreed on by both parties and will commence on a set date
- Onboarding – Project kickoff, asset handoff, and permissions handoff happen during this stage. These will be scheduled during the Requested Phase.
- In Progress – The Pentester is performing requested services
- Remediation – The Pentester has delivered Findings and your Developers can remediate Findings and request retesting
- Offboarding – You receive a report to finalize the Pentest, sign off on everything, and schedule the next test according to your security calendar.
- Done – The Pentest is finished
- It’s also possible to Cancel Pentests