The purpose and use of each report template are described below.
1. Scanning report (DOCX)
Output scanning results report in DOCX format.
⇒ Mainly, it is suitable for a summary report shared in the company or a report to be provided at the product delivery.
2. Scanning report (XML)
Output scanning results report in XML format.
⇒ According to user's needs and purpose, it can be further processed and used in any way.
(It can be used as an original data for creating a custum report.)
3. Scanning scope information (CSV)
Output checked message information as scanning scope in CSV file with url, function name and parameter number.
⇒ It can be used for checking a scanning target pages/parameter information before a scan and also included in a series of reporting documents.
4. Scanning results checklist (XLS)
Output the report with XLS checklist format.
⇒ It can be used for reporting that a scan has been completed without omission to the Information Security Auditor.
Or, a tester can confirm that a scan has been carried out without omission after/during running a scan.
5. Scanning results checklist (CSV)
Output reports in CSV checklist format.
⇒According to user's needs and purpose, it can be further processed and used in any way.
6. Scanning results summary sheet (ZIP)
Output report in scanning results summary format
⇒ Since the detected vulnerability is shown with highly consistent format, it is suitable for checking the detection status during or after the scan, or for sharing scan results to developers.
7. Check list based on IPA's guidelines (ZIP)
Output scanning checklist based on "How to Secure Your Website" provided by IPA(Information-technology Promotion Agency).
⇒ It is suitable for checking the security level of the application based on the "How to Secure Your Website" checklist.
8. OWASP TOP10 2017 compliant report (DOCX)
9. PCI DSS v3.2 compliant report (DOCX)
Output scan results report compliant with OWASP TOP 10 2017.
Output scan results report compliant with PCI DSS version 3.2.
⇒ It is suitable for checking the secure level of the aplication based on the above guidelines.