There are 3 different types of reports:

  • Standard


  • OWASP Top 10

Standard is the default report type.

PCI-DSS adds a section on the summary page with the PCI-DSS requirements checklist. For each item in the list, we indicate if the target was tested for that requirement and if it passed or not.

The OWASP Top 10 compliance report is similar to the aforementioned PCI-DSS report but taking into consideration the most recent OWASP Top 10.
We check for the whole Top 10, except for the A10 Insufficient Logging & Monitoring as we would require access to your server to check its compliance.

Note that the column Passed indicates the current compliance status of each requirement. This means that every time you generate a new report you will get the current status of your target, as long as a new scan was completed to ensure that the finding status is updated.

Example of the PCI-DSS report details:

To learn how to change the report type go here.

Did this answer your question?