The Importance of Quality Assurance to a Penetration Test
Perhaps the most important part of a penetration test, aside from the execution of the test, is the quality assurance or QA of the results and documentation. At the end of the day, the results and the final reports are what you are paying for with a penetration test.
Technical Quality Assurance
There is nothing worse then paying top dollar for a penetration test only to have the results come back full of false positives. At Triaxiom Security, every penetration test has a technical quality assurance phase that includes validation of findings to ensure everything being reported is accurate. While this does not ensure that there will not be a false positive, it ensures another qualified engineer has validated the results. Further, we will discuss all of our findings in detail at the final presentation to make sure you’re comfortable with everything reported and nothing appears to be a false positive or misrepresented in any way.
Editorial and Business Quality Assurance
Penetration testing reports vary drastically depending on the type of test performed and the results of that test. At Triaxiom, we take pride in our attention to detail in all aspects of our product including our reports. All documentation not only goes through a technical quality assurance phase, but it also goes through an editorial and business QA. If a report is choppy with grammatical errors and spelling mistakes, the credibility of the report could come into question. Additionally, it is important to ensure full coverage within our reports to ensure that the entire scope of the test was covered in the reporting process.
At the end of the day, we exist to help your organization improve their security posture. We put 110% of our focus and effort into each and every project from the execution all the way through the reporting and final presentation. We respect that penetration testing is a key aspect to your security program and want to make sure we are providing a top-of-the-line service.