Managing and Presenting Test Results

In the previous chapters, we introduced many security automation frameworks and techniques. However, how do we consolidate all the security findings and present them as a whole to stakeholders? Executing and managing several security testing projects at a time can be a challenge for a security team. The security team, the project team, and management all want to know the security status of each project. This requires us to consolidate the results of some of the previously mentioned security testing tools into one portal or summary document. We need not only to manage the execution results of all the security testing tools, but also to present a security dashboard showing the overall security posture of a project. This chapter introduces some approaches and tools to achieve this goal.

In this chapter, we will cover the following topics:

  • Managing and presenting test results
  • Approach 1 – integrating the tools with RapidScan
  • Approach 2 – generating a professional pentest report with Serpico
  • Approach 3 – security findings management with DefectDojo