How do you effectively perform a retest?

Performing an effective retest after an initial pentest involves several critical steps to ensure that the reported vulnerabilities have been properly addressed and that no new issues have been introduced. For more information about our retests, the retesting process, and the documentation you need to deliver, see our Retest page.

A structured approach to effectively set up a retest involves:

  1. Review Initial Findings
    • Analyze the Report: Carefully review the initial pentest report, focusing on identified vulnerabilities and their severity levels.
    • Prioritize Vulnerabilities: Ensure that critical- and high-severity vulnerabilities have been addressed first, followed by medium- and low-severity issues.
  2. Plan the Retest
    • Scope Definition: Clearly define the scope of the retest. It should focus on previously identified vulnerabilities but also include a check for any new issues.
    • Environment Preparation: Ensure that the testing environment mirrors the production environment as closely as possible, including any updates or changes made since the initial test.
  3. Communicate with the Development Team
    • Discuss Fixes: Engage with the development or IT teams to understand how the identified vulnerabilities were addressed.
    • Documentation: Collect documentation of the implemented fixes, such as code changes, patch deployments, or configuration updates, and attach proof of each fix (for example, screenshots) to the corresponding finding of the initial assessment in our Reporter Security Platform portal.
  4. Execution of the Retest
    • Retesting: Our pentesters perform the retest and verify, for each finding, whether the implemented fix properly mitigates the security risk.
    • Updated Report: After completion, you will receive an updated pentest report with all retest results.