Skip to main content

Continuous Pentesting: How to generate an audit report

Generate an audit report to share all key information about your program

Updated yesterday

What is an audit report ?

An audit report is a summary of a pentest program that includes:

  • A customized description of the pentest program, and a synthesis of the findings

  • Key information about your program (e.g., program rules, date range, distribution of vulnerabilities, etc.)

  • Detailed reports (e.g., status, type, description)

With the audit report, you can easily share information internally with key stakeholders (e.g., for board reporting) or externally with regulators.

How to export the Audit Report

ℹ️ Export an audit report anytime during a current, or a previous, pentest campaign.

  • Go to the “Admin Panel”

  • Choose a Pentest program

  • Click on “Audit reports” in the left-side menu

  • Click on “Generate an audit report”

  • Choose a “start” and an “end” dates

  • Define an author

  • Fill in the sections “Description and goals” and “Synthesis of findings” (note: This information will be included in the final report)

ℹ️ At the end of a pentest campaign, these two sections will already be drafted by the CSM team, directly based on pentester’s summary. You’ll be able to modify the content if needed.

  • Click on “Generate audit report”

  • The new audit report will appear in the “Audit reporting” section

  • Retrieve the history of your “previous audit reports”

ℹ️ Click toggle buttons to set the visibility of audit reports to other pentesters.

Related Articles
How to generate & customise a final pentest report
Pentest report management
Set up your pentest campaign
Manage my vulnerability reports from continuous pentesting
Vulnerability reports from Continuous pentesting
Did this answer your question?