Penetration tests result in vulnerability reports and those are the usual output. But when having more than one penetration tests for the same scope, it's not that frequent to have a report comparing current vulnerabilities to vulnerabilities found previously, hence the difference report. In NormShield, you can easily produce comparison reports, aiming exactly this, in seconds.
The idea is to;
- See newly found vulnerabilities in the latter penetration test,
- See the closed vulnerabilities after the first test,
- And see of course the non-closed vulnerabilities identified (or already open) by the first test and continuing to stay open in the second.
- There's also the current status of the vulnerabilities because it is always helpful to see the up-to-date status.
It's possible to compare any two penetration test results, so it really gets easy to answer any "which vulnerabilities got closed in between?" or "which new vulnerabilities we introduced in between?" types of questions one will be facing with.
In order to see the comparison interface, first the related Scan should be identified by clicking Scan->Scan Configurations sub menu. Once identified, every scan row has an Scan Results icon next to it.
Clicking this icon opens another interface, shown below, including all the scan results related to the previously identified scan. In this interface, all there’s left is to selecting two scan results and clicking the Compare button.
The output interface is shown below, the vulnerability comparison detail screen. Here a vulnerability's status can be seen changing (or not) along the with two vulnerability scans.