Remediation process and how to mark a finding ready for re-test
Once you have reviewed and fixed a finding, you will need to let us know that it is ready for re-test. You can do that in the comments section of each finding.
- Select a finding
- Go to the dropdown of any "Pending Fix" issue
- Mark as "Ready for re-test"
One marked "Ready for re-test" the status of the finding will be changed and the pentester who posted the finding will be notified to re-test the issue. If the pentester cannot reproduce the issue, then the status will be changed to "Fixed." Otherwise, they will move the finding back to "Pending Fix" and write a comment as to why.
Remediation and Retesting FAQs
Q: Is retesting included in my subscription?
A: Yes. Retesting is available to customers with an active subscription and depending on their tier.
Q: How do I submit a finding for retest?
A: On the platform, locate the finding you would like retested by clicking on the pentest name>findings>filter by pending fix>select the finding. Under the Activity section, select “Ready For Re-test” from the dropdown menu. Add any additional comments in the comments field and click “Comment” to save. More information can be found in this article.
Q: How long does it take to retest a finding?
A: Retesting is generally completed within 7 business days from submission.
Q: When can I submit a finding for retesting?
A: A finding can be submitted for retesting at any time from after the vulnerability is reported on the platform until the end of a subscription (given at least 10 business days prior to subscription expiration).
Q: What if we determine that a reported vulnerability is a very low risk or can be addressed without a technical fix?
A: Findings in this category can be marked as an 'accepted risk.' Read more about marking a finding as an accepted risk in this article.