Search the Community
Showing results for tags 'reporting'.
Hello, I'm working as pentester freelancer. The company that hired me has to perform annually at least one external and one internal pentest of its web application (they have an e-commerce service). They have to obey a set of compliance rules to ensure that they will keep a maturity security level. To keep this level of maturity security, an external audit company has to identify and verify if these pentests were executed. Note that this means that the external audit company does not have to know which vulnerabilities were found, but they have to be sure that tests were made. Pentests's rep
Hello, I've been lurking in these forums every now and then to read up on random discussion (fresh account, first post), and I need some advice here. I'm attending a school to get my Associates Degree, and we have a sort of 'system' on campus that the students and staff use. I stumbled upon a way to exploit said system (not an issue of epic proportions, but still something that bothers me), and I would like to inform the I.T. staff so they can fix it. I just don't know how to approach them. Should I drop by in person, or email them? What if they don't care? What if they get pissed? Just, too