Our ethical hackers help software companies become more secure. Normally, ethical hackers produce very long reports, something that is both frustrating and a source of humor (thanks Balbix). This picture clearly describes the broad frustration with old-fashioned reporting in pentesting/vulnerability scanning.


Of course, we try to do things differently. Luckily, our Review Environment enables security analysts to send detected security issues directly to the issue tracker (Jira/Bitbucket/etc.) of the software developers, so they can start working on security right away. And if it's a really critical issue, we give them a call, of course. This picture is a screenshot of the (anonymized) communication with one of our customers. There are always vulnerabilities, because software engineering is a different skill than security engineering. When we find something, we send it directly to the issue tracker of our customer, so that their software engineers can start fixing it right away. Customer happy, Codean happy.

How to communicate vulnerabilities
