II.
Workflow overview
Reference · liveworkflow:penetration-test-cycle
Penetration Test Cycle overview
Plans and executes a penetration testing engagement — scoping targets, conducting reconnaissance, exploiting discovered vulnerabilities, documenting attack chains, producing a findings report with CVSS scores, and tracking remediation to closure. Excludes vulnerability scanning automation.
Attributes
displayName
Penetration Test Cycle
workflowKind
security
triggerType
scheduled
typicalCadence
quarterly
complexity
cross-team
description
Plans and executes a penetration testing engagement — scoping targets,
conducting reconnaissance, exploiting discovered vulnerabilities,
documenting attack chains, producing a findings report with CVSS scores,
and tracking remediation to closure. Excludes vulnerability scanning
automation.
Outgoing edges
applies_to_domain2
- domain:cybersecurity·DomainCybersecurity
- domain:security·DomainSecurity
involves_role3
- role:security-reviewer·RoleSecurity Reviewer
- role:vulnerability-scanner·RoleVulnerability Scanner
- role:platform-engineer·RolePlatform Engineer
performed_by_org_unit2
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:application-security-team·OrgUnitApplication Security Team
requires_skill_area2
- skill-area:oauth-flows·SkillAreaOAuth Flows
- skill-area:webhook-verification·SkillAreaWebhook Verification
triggers_responsibility2
- responsibility:security-review·ResponsibilitySecurity review
- responsibility:threat-modeling·ResponsibilityThreat modeling
Incoming edges
None.