lecture: Are you a PenTexter ?
Open-Sourcing Pentest Reporting and Automation
This talk will announce a new OWASP project: PenText, a fully open-sourced XML-based pentest document automation system. The PenText system is a document automation framework that supports the entire pentesting lifecycle: from the initial inquiry, through pentest scoping, quotations, pentesting, and reporting, through the final invoice.
During this talk, the OWASP PenText system will be demo'ed live, in the context of a larger Pentesting ChatOps infrastructure (RocketChat, Hubot, and Gitlab). The basics of how the OWASP PenText system is architected (XML, XSLT, XSL-FO) willl be covered, and shown how the system can be used to manage the entire lifecycle of pentesting data, including the automatic generation of documentation at various points in the process (including quotations, pentest reports, and invoices).
The OWASP PenText system was built and tested by the globally-distributed team at Radically Open Security. This system is at the heart of our own pentesting workflow, and we feel passionately that this 100% free and open-sourced framework will also be useful to your organization.
Start time: 16:00