CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Request a Demo

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Request a Demo
Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
SpiderLabs Blog

Death to PDF!

February 03, 2012 1 minute read

SpiderLabs customers are frustrated with PDF reports:

  • You can't search them
  • You can't sort them
  • You can't assign pieces of them
  • You can't trend them

PenTest Manager, the reporting tool used by Trustwave SpiderLabs to manage, track and report results of penetration tests, was designed specifically to solve these issues. We realized that the way most consulting company's delivery reports just doesn't work.

This week, we pushed out a new set of reporting updates for Trustwave PenTest Manager which is now available for all customers. Why? Reporting enhancements are one of the most requested features we get from customers.

The major updates are:

  • Customized Methodologies - Within SpiderLabs, we understand that a standard, canned approach to risk assessments does not always work. Business risks differ across organizations; technologies change and evolve, and therefore require different tools, different techniques, and a fresh approach. We have enhanced our online reporting to now support customized test methodologies, so get your ATMs, SCADA systems, and arduino home automation systems ready for SpiderLabs deep technical security reviews.
  • Tag and Report on Specific Findings– Now you can add a personalized tag to a finding in the form of a keyword or term, and then generate reports based on your tagged findings. Group and report security findings by business unit, engineering group, geographical region, or any other way you want to slice the data. This tagging and filtering works at both a test level and a finding level to provide complete control to generate customized reports.
  • Overall CVSS Scoring – Since PenTest Manager is the only online reporting tool for consultant-led penetration testing, we are in a unique position to not only provide Base CVSS scores, but also provide temporal and environmental vulnerability information that accurately reflects the risk to a business through our hands–on testing approach. Automated tools have no way to understand and report the Overall CVSS score given the complexities of diverse technical environments and lifecycle of exploits…but we do!
  • Performance Enhancements – Nobody wants to wait for data to load or reports to generate, so we took significant steps to speed up the responsiveness of PenTest Manager by refactoring key areas for performance.

 

Latest SpiderLabs Blogs

Fake Dialog Boxes to Make Malware More Convincing

Let’s explore how SpiderLabs created and incorporated user prompts, specifically Windows dialog boxes into its malware loader to make it more convincing to phishing targets during a Red Team...

Read More

The Secret Cipher: Modern Data Loss Prevention Solutions

This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. Far too many organizations place Data Loss Prevention (DLP) and Data...

Read More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway

Overview A command injection vulnerability has been discovered in the GlobalProtect feature within Palo Alto Networks PAN-OS software for specific versions that have distinct feature configurations...

Read More