Planning work across teams means being able to track workloads per team and per individual tester. That’s important in both external and internal pentest teams. With Cyver Core’s pentest management platform, you can set company and individual workdays and hours, plan pentests based on average testing calculations, and track availability so you can plan work and workloads for the long-term.
Availability
Availability allows you to set hours worked and time spent per project. You can start with estimations and then tweak that over time until it better reflects exactly how your teams work.
- Set normal workloads and hours for the organization. Add days worked, hours worked, and free days/exceptions. You can adjust these hours on a per team/per project basis.
- Add normal project timelines per project phase, per pentest type via the pentest template. You can calculate this much like story points, with x hours delegated to testing, X to reporting, X to client review, and so on. You’ll get hours per testing phase you sets up in the project. In addition, those hours hand off to the teams responsible for them – so if client teams get 2 weeks to review pentests, it won’t show as busy for the pentest team during that phase. You can manually adjust the duration of a phase on a per-project basis by editing settings.
The idea is that you get a roughly accurate estimate of hours needed per phase of the pentest. You can then delegate roles to pentesters on the project and their availability will fill up accordingly.
Planning
Scheduling pentests with Cyver Core means they are scheduled into the pipeline in Cyver. You’ll get an overview of what you’re working on and when. You’ll also see who’s working on it. Plus, you’ll be able to set the number of projects you can take on at once. So, if you set a maximum of 3 pentests at once, you’ll show as fully booked when you have three projects going on at any given time. That means no more overbooking projects because you aren’t aware what’s planned for when. On an individual level, you’ll see pentest projects and calendar, so the pentester always sees what their priorities are and what they should be testing.
You can also allow your client to request pentests with dates planned directly into your calendar. Here, they see your availability and can pick from dates where you aren’t fully booked. Then, when you accept the pentest, it’s automatically moved into the calendar.
Timesheets
Individual testers can log hours spent on the project, per project. This makes it easy to see exactly how much time you’re spending on every phase of the test. In addition, it’s ideal if you want to invoice the client on an hourly basis. It’s also a great fit if you’re bringing in external testers who need to register hours and have them approved.
You’ll then see those hours in the planning menu as well as on the pentest page.
Resource Tracking
Planning and scheduling make it easier to see resource allocation across your teams and internal talent. You’ll have at-a-glance insight into who’s doing what and when, which pentesters are free or not, and where your pentesters are spending their time. That’s good insight for planning, for billing, and for ensuring you’re making the most of talent across your pentest team.
Managing teams and how they spend their time gives you more options to delegate work and tasks across your team. More importantly, it gives you insight into costs, resource utilization, and time needed for pentests, so you can optimize workflows and time estimates for clients. Plus, when you know what you’re scheduling and how long it takes, you can easily automate pentest planning so clients can simply request new pentests based on templates and automatically add them to your calendar.
If you’d like to see more or learn how Cyver Core’s timesheet and availability features fit into your use case, schedule a demo.