Simplify Pentest Reporting and Improve Time to Value With the Industry’s Largest Findings Repository You can now leverage writeups for over 25,000 CWEs, CVEs, and KEVs to provide detailed guidance on vulnerabilities, the level of exposure, and remediation steps At PlexTrac, it’s our mission to help cut pentest reporting time while ensuring high-quality, actionable reports. In line with this mission, we have added to our already extensive library of writeups to now include Common Vulnerabilities and Exposures (CVEs), Common Weakness Enumerations (CWEs), and Known Exploited Vulnerabilities (KEVs) to help customers enrich findings with guidance on vulnerabilities or flaws, the level of exposure, and remediation steps. We now offer over 25,000 writeups – more than any other pentest reporting automation platform. What are CVEs, CWEs, and KEVs and why is it important to include the findings writeups in the platform? As you know, CVEs are used to identify a specific vulnerability, CWEs are used to categorize flaws or weaknesses that could potentially result in a vulnerability, and KEVs reference vulnerabilities that have already been exploited as documented by CISA. Searching for or manually creating a CWE, CVE, and KEV writeup is tedious and error prone. Incomplete writeups can result in missed remediation steps or, worse, threat recurrence. By having CVE, CWE, and KEV writeups in the PlexTrac platform, customers can insert the appropriate explanation of the flaw or vulnerability as well as the proposed fix, which speeds the delivery of the report. It helps provide developers with the context needed to strategically remediate flaws promptly and enables service providers to enhance their unique value proposition by advising prescriptively on which findings to fix first. What other value adds are in the works for the PlexTrac platform? A few months ago, we released our new style and configuration features, designed to further streamline the reporting workflow and enable scalable delivery of customized pentest reports without the need for a highly technical resource or a substantial time investment. As part of the release, we added: Additional and expanded pre-built export report templates Style guides with customizable options Configurable findings layouts (add, remove, or reorganize sections at your discretion) Since the release, we have been diligently working to add even more low-code options for the reports, including more report templates. We’ve also been working on ways to help you track and prioritize groups of thematic findings. Imagine being able to not only share the proposed fixes but also the order of priority based on a fully customizable, contextual severity score. Ready to learn more? Aside from offering the largest findings repository in the industry, there are several other areas where we stand out amongst the competition. Check out our recipe for selecting a pentest management and automation platform that meets your unique needs.
Vulnerability Assessment vs Penetration Testing: Understanding the Key Differences Vulnerability Assessment vs Penetration Testing READ ARTICLE
Unlocking Continuous Threat Exposure Management: New Features for Prioritizing Remediation Based on Business Impact The evolution of product security READ ARTICLE