Release Date: July 11, 2023

Hey everyone,

We have found some flaws with our reporting process and we made some changes in this hotfix to make report management more seamless for the organization user’s triagers. Here are the highlights of this release:

🔁 Reopening of Resolved Reports

Our previous process does not allow reopening of reports when they are tagged already as Resolved. However, there might be instances where a security researcher might have made a mistake during the retesting process and tagging of a report as Fix Confirmed or a human error on the triager side when tagging a report.

To handle these scenarios, we changed our report management process to allow reopening of reports tagged as Resolved. This way, we can properly tag reports again with the corresponding status and properly inform the involved organization on the issues that they need to refix.

📝Change Report Details of Resolved Reports

Similar to the scenario in the first highlight, our old process also does not allow any editing on the report details once it is tagged as Resolved. However, there are instances where some minor changes are needed to be done on a report even if it is already resolved.

Now, we give the triagers the capability to edit the following details of a report even if it is already resolved:

• Edit Report Title
• Change Report Severity
• Change Report Weakness Type
• Change Report Asset

This way, we are able to give the triagers the capability to ensure that all reports have accurate information before they are compiled in the final pentest report.