You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/programs/pentests.md
+10-9Lines changed: 10 additions & 9 deletions
Original file line number
Diff line number
Diff line change
@@ -11,15 +11,14 @@ In a penetration test (pentest), authorized hackers simulate a cyberattack on a
11
11
### How it works
12
12
13
13
Here are the steps outlining the process of pentests:
14
-
1. Hackers wanting to participate in pentests apply to be a part of the pentester community.
15
-
2. HackerOne reviews all applicants and decides which hackers meet the criteria to join the pentest community.
16
-
3. Hackers that are accepted into the pentest community are able to view available pentest opportunities from programs offering pentests.
17
-
4. When hackers find a pentest they want to partcipate in, they submit an application to participate in the pentest.
18
-
5. HackerOne looks at all applicants and forms a pentest team.
19
-
6. After testing has been completed, the lead pentester will draft and submit a summary report of their findings.
20
-
7. Once the vulnerabilities have been fixed, the pentest team will retest the vulnerabilities to make sure they're fixed.
14
+
1. You'll work with one of HackerOne's technical program managers to scope out and set up your pentest.
15
+
2. HackerOne will look at all pentest applicants and form the best pentest team for your pentest.
16
+
3. When your pentest begins, the pentest team will have 2 weeks to find vulnerabilities.
17
+
4. After testing has been completed, the lead pentester will draft and provide a summary report of the team's findings.
18
+
5. You'll be able to remediate the found vulnerabilities.
19
+
6. Once the vulnerabilities have been remediated, the pentest team will retest the vulnerabilities to make sure they’re fixed.
21
20
22
-
After pentesting has been enabled for your program, your new pentest will be listed on the **Pentests** tab of your security page.
21
+
To learn how pentests work from the hacker side, see the [Pentest Overview page for pentesters](/hackers/pentest-overview.html).
23
22
24
23
### Managing Pentests
25
24
After you log in to HackerOne, you’ll be met with the *Pentest Overview* page where you can view all information related to your pentest.
@@ -45,9 +44,11 @@ Page | Details
45
44
---- | -------
46
45
Pentest Scope | You can view the details behind the progress of your checklists associated with your assets and see what each checklist entails.
47
46
Vulnerabilities | You can view all the vulnerabilities that have been found and the associated vulnerability report, as well as the status and severity of the report.<br><br> If you have an integration set up to a tracking tool like Jira, you can choose to link your reports to the tool to get visibility into the remediation status.
48
-
Pentest Team | You can view the members part of your pentest team.
47
+
Pentest Team | You can view the members part of your pentest team.
49
48
50
49
### Edit/View Pentests
50
+
After pentesting has been enabled for your program, your new pentest will be listed on the **Pentests** tab of your security page.
0 commit comments