Core Impact Reporting

Automated pen testing reports that provide the
details needed to take your next steps

Text

Robust reporting capabilities are a critical part of Core Impact’s centralized toolset, as pen test reports are used to plan and prioritize remediation efforts, as well as prove compliance for regulations like PCI DSS, GDPR, and HIPAA. 

Manual pen test reporting can be a time-consuming effort that varies in details and quality. Core Impact’s automated reporting features ensure consistency and increase efficiency, creating a thorough record for all aspects of a pen testing engagement.

Reporting Categories and Formats

A number of reports, including the executive summary, cover all three vectors, and are classified under general reports. There are also vector specific reports covering the three types of pen tests that Core Impact performs:

Network

These reports cover tests that target your infrastructure, like hosts, IPs, or different operating systems attached to the architecture.

Client-Side

These reports cover social engineering tests, targeting end user interaction through the deployment of phishing emails.

Web Applications

These reports cover tests of web applications targeting web pages and urls while monitoring for the OWASP Top 10 Web Application Security Risks.

Text

Reports are typically formatted as spreadsheets, with some offering charts and graphs that can be tailored as needed. Final versions of reports can also be generated as pdfs to deliver to clients or stakeholders.

General Reports

Text
Image
Executive Report for Network Pen Test
Executive Report

 

Executive Report

This summary report fully covers every pen testing activity Core Impact completed throughout an engagement, along with the test results. Data includes summaries of:

  • Exploited vulnerabilities
  • Discovered hosts and network devices
  • Targeted users
  • Most exploited vulnerabilities by operating system
  • Most exploited vulnerabilities overall

Text

Network Reports

Text
Image
Host Based Activity Report
Host Based Activity Report

 

Network Report

This report provides details about hosts that were discovered and any vulnerabilities that were successfully exploited.

Text

Client-Side Reports

Client-Side Penetration Test Report

This report includes detailed summaries of client-side pen tests, including attack types, exploits used, and email messages sent to deliver attacks or link them to a malicious site.

Text

Web Application Reports

Text
Image
Web Application Vulnerability Report
Web Application Vulnerability Report

 

Web Apps Executive Report

This summary report provides the information obtained during the pen test, including discovered hosts, compromised vulnerabilities, and executed tasks.

Reporting with the Plextrac Integration

Text
Image
Business report icon

 

Gather all your pen testing data in one place. With Core Impact’s integration with Plextrac, you can collect reporting information from vulnerability scanners and any other tools used during your pen test, consolidating the information so it can be shared as one comprehensive report.

Get to Know Core Impact

CTA Text

Find out about all of Core Impact's many features like agents, phishing capabilities, reporting, and more.

LEARN MORE