Gold by MangoMagic

Cross-Functional · Playbook · Advanced · Saves 30+ hours

Penetration Testing Guide

A guide for managing penetration testing.

What's included

  • Testing Strategy
    • Testing frequency
    • Scope definition
    • Testing types
  • Vendor Selection
    • Selection criteria
    • Vendor evaluation
    • Contract requirements
  • Test Execution
    • Preparation
    • Coordination
    • Communication
  • Results Management
    • Finding analysis
    • Remediation planning
    • Verification testing

Best used when

  • Annual security testing
  • Pre-certification testing
  • Post-major-change validation
  • Compliance requirements

Why this is Gold

Penetration testing validates security. This guide ensures effective testing.

The template

PENETRATION TESTING

Pen Test Planning Template

PENETRATION TEST PLAN

TEST TYPE:
☐ External network
☐ Internal network
☐ Web application
☐ Mobile application
☐ Social engineering
☐ Physical

SCOPE:
In scope: _______________
Out of scope: _______________
IP ranges: _______________
Domains: _______________

TIMING:
Start date: _______________
End date: _______________
Testing hours: _______________
Blackout periods: _______________

RULES OF ENGAGEMENT:
☐ Notify SOC: ☐ Yes ☐ No
☐ Exploit vulnerabilities: ☐ Yes ☐ Limited ☐ No
☐ Social engineering: ☐ Yes ☐ No
☐ DoS testing: ☐ Yes ☐ No

CONTACTS:
Primary: _______________
Technical: _______________
Emergency: _______________

Vendor Selection Criteria

Criteria          | Weight | Vendor A | Vendor B
Experience        | 25%    | /5       | /5
Methodology       | 20%    | /5       | /5
References        | 15%    | /5       | /5
Reporting quality | 20%    | /5       | /5
Price             | 20%    | /5       | /5
Total             | 100%   |          |

Finding Remediation Tracker

REMEDIATION TRACKING

FINDING: _______________
Severity: ☐ Critical ☐ High ☐ Medium ☐ Low
CVSS score: _____

DETAILS:
Description: _______________
Impact: _______________
Recommendation: _______________

REMEDIATION:
Owner: _______________
Target date: _______________
Status: ☐ Open ☐ In progress ☐ Remediated ☐ Accepted
Verification: ☐ Pending ☐ Verified

Frequently asked questions

What is the Penetration Testing Guide?

A guide for managing penetration testing.

Who is the Penetration Testing Guide for?

It is built for cross-functional roles and their teams working on Security & Compliance. The AI coach adapts it to your company, stage, and goals.

How long does the Penetration Testing Guide take to use?

It saves roughly 30+ hours versus building from scratch. Our AI coach can tailor the playbook to your situation in minutes, then hand you a step-by-step plan.

Is the Penetration Testing Guide free?

Yes. You can read the full playbook and start getting coached through it for free. Sign in to save your tailored version and track your next steps.

How does the AI coach help with the Penetration Testing Guide?

The coach teaches you the framework, asks a few questions about your business, tailors the playbook to you, and gives you measurable next steps to execute.