Home

Are there any solutions currently in the market for Customization and Total Automation for Penetration Testing Reports?

Its not exactly automation of reports but we are looking at AttackIQ to automate parts of the pentesting process including reporting. Happy to chat further if interested.

Anonymous Author
Its not exactly automation of reports but we are looking at AttackIQ to automate parts of the pentesting process including reporting. Happy to chat further if interested.
3 upvotes
Anonymous Author
CompTIA PenTest+ (PT0-002) includes best practices for automation techniques and it has been released in late October 2021. The exam assesses how to perform automated vulnerability scanning and penetration testing using appropriate tools and techniques, and then how to analyze the results as shown below.   Domain 2.0 Information Gathering and Vulnerability Scanning 2.4 Given a scenario, perform vulnerability scanning. Includes vulnerability testing tools that facilitate automation. Domain 5.0 Tools and Code Analysis   5.2 Given a scenario, analyze a script or code sample for use in a penetration test. Includes automating the penetration testing process and next steps based on results of a scan. 5.3 Explain use cases of the following tools during the phases of a penetration test. Includes automation tools for scanning and web application testing. Most modern penetration testing tools include automation capabilities. For example, you can find automation testing features in Metasploit, Nettacker, Jok3r, Legion, Sn1per, Open Security Content Automation Protocol (SCAP), OWASP ZAP and Burp Suite – to name a few.
3 upvotes
Anonymous Author
There is an emerging security technology domain, breach and attack simulation (BAS), that has the capability to automate penetration testing reporting in a 24x7 basis. I would be more than happy to provide more information how BAS works, pros and cons, cost model etc.
3 upvotes