AppSec Sample Reports

["Pete Soderling" <pete () techsmartgroup com>]

Hey all,

I'm interested if anyone has any sample appsec vulnerability reports to
share. I'm interested in learning/evaluating the best ways to report on
vulnerabilities to a client, and it would be helpful to see different ways
others have done it. Obviously, I'm not interested in - and don't want these
to contain any client-specific or sensitive info - but if anyone has any
appropriate documentation to share it would be helpful.

Also appreciated would be links to any other online projects dealing with
this - although I haven't found much yet. I know OWASP has a PenTest
Reporter tool in the works that would fall into this category, although it
doesn't look like it's been officially released yet.

Thanks for any help or suggestions.

cheers,
--pete



-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire named worldwide market share leader in web application security 
assessment by leading market research firm. Watchfire's AppScan is the 
industry's first and leading web application security testing suite, and 
the only solution to provide comprehensive remediation tasks at every 
level of the application. See for yourself. 
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007t9c
--------------------------------------------------------------------------