Writing Findings
Clear, actionable findings.
What Makes a Good Finding
A finding is the unit of value in a pentest report. A good finding is clear, evidence-backed, and actionable.
The reader should understand the problem, believe it is real, and know what to do, all from one entry.
The Finding Template
Use one consistent template for every finding. Consistency builds trust and makes findings comparable.
Each finding has the same fixed sections.
Finding fields:
Title | Severity | Affected Assets
Description
Steps to Reproduce
Impact
Remediation
References (CWE/OWASP)
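
One way to enforce the template automatically, as an added example that is not part of the original lesson: a small linter that flags missing or empty sections, fields outside the template, and references with no CWE or OWASP identifier. The dictionary keys, the severity scale, and the sample findings are assumptions constructed for illustration.

```python
import re

# The fixed sections from the template above, in order (key names are assumptions).
REQUIRED_FIELDS = ["title", "severity", "affected_assets", "description",
                   "steps_to_reproduce", "impact", "remediation", "references"]
# Assumption: the lesson does not define a severity scale; this one is illustrative.
SEVERITIES = {"Critical", "High", "Medium", "Low", "Informational"}
# Accept "CWE-<number>" or any reference that names OWASP.
REFERENCE_RE = re.compile(r"\bCWE-\d+\b|\bOWASP\b")
LIST_FIELDS = {"affected_assets", "steps_to_reproduce", "references"}


def lint_finding(finding):
    """Return a list of template problems; an empty list means the finding conforms."""
    problems = []
    for field in REQUIRED_FIELDS:
        value = finding.get(field)
        if field in LIST_FIELDS:
            if not isinstance(value, list) or not [v for v in value if str(v).strip()]:
                problems.append(f"{field}: needs at least one entry")
        elif not isinstance(value, str) or not value.strip():
            problems.append(f"{field}: missing or empty")
    for extra in sorted(set(finding) - set(REQUIRED_FIELDS)):
        problems.append(f"{extra}: not a template section")
    severity = finding.get("severity")
    if isinstance(severity, str) and severity.strip() and severity not in SEVERITIES:
        problems.append(f"severity: '{severity}' is not on the agreed scale")
    refs = finding.get("references")
    if isinstance(refs, list) and refs and not any(REFERENCE_RE.search(str(r)) for r in refs):
        problems.append("references: no CWE or OWASP identifier")
    return problems


# Constructed sample findings (not from a real engagement).
GOOD = {
    "title": "Reflected XSS in search parameter",
    "severity": "Medium",
    "affected_assets": ["app.example.test"],
    "description": "The q parameter is echoed into the page without output encoding.",
    "steps_to_reproduce": ["Log in as a test user.", "Submit the search form with a marker string.", "Observe the marker rendered unencoded in the response."],
    "impact": "Script execution in the session of a user who follows a crafted link.",
    "remediation": "Apply context-aware output encoding to the q parameter.",
    "references": ["CWE-79", "OWASP Top 10 A03:2021"],
}
BAD = dict(GOOD, severity="Scary", impact=" ", references=["vendor blog"], notes="todo")

if __name__ == "__main__":
    for name, f in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, lint_finding(f) or "conforms")
```

Running the linter over every finding before the report goes out keeps entries comparable and catches sections left blank during drafting.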