For many organizations, pentesting means relying on either an internal or external team to test assets, look for vulnerabilities, and exploit anything that is found. Working in teams allows ethical hackers to leverage diverse skill sets and insights, with room to check each other’s work, divide work by expertise, or to split workloads between technical and less-technical people or between junior and senior pentesters.
That’s why Cyver Core offers a significant amount of pentest team management tooling, including role management, task lists, assigned work, chat and comments, and built-in notifications. Now Cyver Core also offers a Finding Review feature to all subscription levels except Starter, so teams can request a review of uploaded Vulnerability Findings before publishing them to the client.
- Upload the Finding, either manually or by batch importing from CSV or Excel.
- Edit the Finding, import data from the Vulnerability Library, set CVSS scores, etc.
- Update the Status to “To Review”
- Select a team member who’s already been added to the platform. This might be a peer, a senior pentester who has to review your work, your technical writer to check the content, etc.
- Save the new status
- The assigned person will receive an update that the Finding has been assigned to them. They can then review it, leave comments to suggest changes, make changes directly, or simply publish it and make it visible to the client.
This new feature offers an extra step of quality control for pentest teams. In addition, it’s ideal for teams working with junior and senior pentesters or trainees, for teams collaborating on pentests where more than one person might have input, etc.