Interpretation and Reporting Flaws

Understand when something is vulnerable and learn how to report it in a form that others understand.

Journey contents

  • Defining a security flaw
  • Interpretation of the flaw
  • Interactive Game: Defining Priority & Severity
  • Standardized Categorization with CVE
  • Standards: ASVS, MSTG, OTG..
  • Defining a Shift-left framework
  • Interactive Game: Non-functional Requirements
  • Security Report Creation
  • Interactive Game: Bugs/Tickets Reporting
  • Management or Technical Flaw
  • Consolidation Exam