NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.

A Developer’s Guide to Pentest Terminology and Metrics

Whether it’s for compliance, stronger security, or testing specific app features, pentests are a common part of the security testing mix. But there’s a problem: pentest reports are rarely intuitive to Dev teams, in large part because of excessive jargon.

The ideal scenario is to share with developers pentest findings that are clear, structured, and easy to replicate. If your team has to deal with a cryptic pentest report, Nick Terkay — Senior Director of Engineering, CX — has prepared a short guide on the most common pentest terms and metrics, and how to use them to improve the quality of your code.
What you'll learn in this guide:

  • What Pentest Findings and Vulnerability Types are, and how they can help you find your security blind spots
  • What a Finding Severity Level is, and how it can help prioritize security tickets
  • What Time to Fix is, and how to use that metric when reviewing your team’s performance
