Hi there! Let us know how we can improve Beagle Security. You can vote on existing ideas or suggest new ones.
The Beagle report is very detailed (and branded), which works great for internal use. However, this isn't a report I would feel comfortable giving out to a customer if their security team asked for a recent pentest report summary. I would like the ability to download an abbreviated executive/summary report. This report should either include no Beagle branding, optionally allow our own custom branding/white-labeling, and not include the technical details.
2
As an agency I need to be able to send white labelled reports to our clients.
0
Test the security of APIs you use for a web application by importing them from Swagger or Postman.
3
https://www.wordfence.com/wp-content/themes/wordfence/files/WordfenceSampleSiteAuditReport.pdf It would be great if the Security Audit, when done on a WordPress Site with the Plugin Installed, could test more of the pointed listed in the above sample report. This would greatly enhance the Beagle Security product for every WordPress site owner, developer, and auditor.
0
Default report many times is not sufficient for the business and is necessary to do additional documents, but if we have the options to modify or add note, tables, images this tool has a lot of power
2
Add an extra layer of security to your Beagle Security account with 2FA.
0
Monitor the uptime of applications you add to your Beagle Security account.
0
The CVE (Common Vulnerabilities and Exposures) is basic and standard to include in all vulnerability assessments and Penetration testing reports/results... please include those in the final report and CVSS (The Common Vulnerability Scoring System). This will good because the customer has a complete report and useful to compliance. References: https://cve.mitre.org/ https://www.first.org/cvss/specification-document
2
An option to pause a running test.
1
It should be possible to deselect tests or test categories we do not want to perform or which are not allowed to perform because of the terms with the hosting provider. Also it is not transparent before a test, which tests the app will or could be perform.
1
Integrate into Django like WordPress
1
Would be very cool if the reports are available in other languages or - if this is not possible - to edit text snippets in the reports for translation.
2
Nowadays the most innovate cybersecurity solution to test all the cybersecurity controls are BAS (breach and attack simulation) and will be a great step for you to add those capabilities to the test security controls and finally all the BAS tools are aligned with Mitre att&ck
0
It was helpful if we could have in the report the tests which passed. It might end up with a large document. I will suggest preparing a single document for all customers, that lists all the tests which were performed.
1
It often does not make sense to fix all of the findings. Sometimes there is a low benefit compared to effords or risks of the implementation of some security measures. These findings are not "false positives", but for better view of the most important findings to fix it would be possible to acknowledge and accept some findings.
0