The Penterep platform allows you to set the status of each vulnerability found. This can take any of the following values:
- unverified
- confirmed
- false positive
- for retest
- corrected
In teamwork, specific user roles have permissions to change some states to other states. Developers or other staff responsible for remediation can change the state of a vulnerability from confirmed to for retest. When the state is changed, testers are notified and can retest immediately to verify the correct function of the deployed fix. If the problem has indeed been fixed, the tester simply changes the vulnerability status to corrected. Otherwise, they will revert the vulnerability back to the confirmed state. It is then again up to the developers to deploy the appropriate fix and change the state. This can lead to repeated transfers of responsibility among staff until the problem is actually fixed. Workers also have a discussion board available for each vulnerability through which they can consult on the appropriateness of solutions or ask for details.
The saved history, notes and discussions make it easy to take on a retest even after a longer period of time, or to pass it on to another worker with peace of mind. The fact that everything is stored in one place thanks to the platform significantly increases work efficiency and helps you save time and money.