The purposes of various report format are described below.
1. Scan report
Scan result report in Word format.
⇒It serves as a summary report shared in the company or provided to clients at the delivery.
2. Scanning Scope information
Message information of the target (URL/feature/parameter information) in CSV format.
⇒Useful when checking target screen/parameter information prior to a scan. It also serves as an appendix to the scan report after a scan.
3. Scan result checklist
A detection status of vulnerabilities per host, request, and parameter in XLS format.
⇒Useful when submitting a report to IT security auditors that the security scan has been carried out without any overlooks, and checking whether or not there are any overlooks during/after a scan by a tester himself.
4. Scan result checklist
The above checklist can be output in CSV format.
⇒You can choose the format according to your needs.
5. Scan result summary sheet
The list of scan results in XLS format.
⇒Since the detected vulnerabilities are organized in such a way that you can see the whole thing at a glance, it is useful when checking the detection status during/after the scan, and sharing the results with developers.
6. OWASP TOP10 2017 compliance report
7. PCI DSS v3.2 compliance report
The vulnerabilities detected by Vex are categorized according to the above guidelines and output as a report in Word format.
⇒Useful when checking the vulnerabilities based on the above guidelines
8. Code Dx report
9.ThreadFix report
The vulnerabilities detected by Vex is integrated with the above services and output as a report.
Both reports are available in Vex8.0.0.0 and later.
[MEMO]
The "Scan report (XML)" in up to Vex7.2.2.0 is no longer available in Vex8.0.0.0 and later as "Code Dx report" has been implemented.
Comments
0 comments
Please sign in to leave a comment.