Retesting is a crucial phase after the initial pentest to verify that the identified vulnerabilities have been effectively remediated. Below are the essential steps of the retesting process:
You may request retesting of specific bugs you've addressed during or after the pentest has concluded.
The duration for which retesting can be requested without incurring extra costs varies based on the pentest tier. It could be either 30 or 90 days post-pentest. To learn about the time window for your specific tier, always refer to the pentest tier details.
Claiming a Retest
Once a retest is requested, members of the pentest team can claim the task through their dashboard under the 'Retesting' tab.
If a claimed retest isn't completed within 72 hours, it becomes available for other team members to claim from the same dashboard.
Duration for Retesting
Once claimed, a retest should be completed within 72 hours.
Any retesting findings or confirmations are documented in the initial vulnerability report. It's imperative for the pentesters to provide evidence, showcasing whether the vulnerability has been successfully addressed or persists.