What happens during report QA?
QA overview
The final phase of a penetration assessment using vPenTest is Quality Assurance (QA). At the end of the assessment, the auto-generated reports are placed into a QA process that is reviewed by Vonahi Security experts for additional depth, accuracy, and improvement of vPenTest.
Vonahi commits to publishing the final deliverables within 2 business days from the completion of the test. There is also an option to extend the QA window to allow for our pentesters to potentially improve both the findings and vPenTest automation.
QA process
QA is an essential part of the vPenTest methodology.
This window of time allows our Pentest Team to review the results and look for opportunities to improve both the findings and vPenTest.
Vonahi Security has a lab environment where most of our penetration testing development takes place; however, there may be unique scenarios where a particular part of the post-exploitation chain requires our team to develop new components during this QA phase.
In our QA process, our experienced penetration testers perform the following tasks:
- Ensuring that our automated penetration testing platform continues to meet the requirements of a penetration test.
- Identifying any issues that may have stemmed from the automation (e.g. errors).
- Identifying new opportunities (e.g. vulnerabilities) that could be exploited and useful for our automated penetration testing roadmap.
- Any new findings discovered in this process will be added to your report during QA to provide additional value.
- Providing any additional alerts or warnings about post-exploitation findings in some scenarios.