Checklist: Security Vulnerabilities Report
This checklist outlines the main areas which need to be addressed in a Security Vulnerability Report, depending on the target audience. Some automated testing tools can generate different types of reports automatically.
Check Items
Security Issues Report for Management
Includes high-level summaries and trends.
Security Issues Report for Development
Includes the issue and issue remediation details (for example, vulnerable page and page elements, issue types, remediation tasks, and so on).
Regulatory Compliance Report
Includes information about regulatory non-compliance due to discovered security issues.
Industry Standards Compliance
Includes information about industry standards non-compliance due to discovered security issues.