ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "A Penetration Testing Findings Repository"
Episode Synopsis
In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI) Marisa Midler and Samantha Chaves, penetration testers with the SEI's CERT Division, talk with Suzanne Miller about a penetration-testing repository that they helped to build. The repository is a source of information for active directory, phishing, mobile technology, systems and services, web applications, and mobile- and wireless-technology weaknesses that could be discovered during a penetration test. The repository is intended to help assessors provide reports to organizations using standardized language and standardized names for findings, and to save assessors time on report generation by having descriptions, standard remediations, and other resources available in the repository for their use. The repository is available at https://github.com/cisagov/pen-testing-findings
More episodes of the podcast Software Engineering Institute (SEI) Podcast Series
Delivering Next-Generation AI Capabilities
29/09/2025
Mitigating Cyber Risk with Secure by Design
14/07/2025
In God we trust