Reference
Artifacts
Outputs and deliverables produced by a CodeWall penetration test.
Every completed test produces a set of artifacts you can use for remediation, compliance, and stakeholder communication.
Findings
The primary output. Each finding includes:
- Title and description — what the vulnerability is
- Severity and CVSS score — how critical it is
- CWE classification — standardized vulnerability type
- Attack chain — step-by-step reproduction path
- Proof of concept — raw requests/responses for verification
- Remediation guidance — how to fix it
- Screenshots — visual evidence where applicable
Executive summary
A high-level overview designed for non-technical stakeholders:
- Total findings by severity
- Key risk areas
- Comparison with previous test runs (if applicable)
- Remediation priority recommendations
PDF report
A formatted, downloadable report containing:
- Executive summary
- Detailed findings with attack chains
- Methodology description
- Scope and configuration used
- Appendices with raw evidence
Suitable for compliance requirements, board presentations, and auditor submissions.
Activity log
A complete audit trail of every action the agent took during the test:
- HTTP requests sent and responses received
- Agent reasoning and decision-making
- Timestamps for every action
- Phase transitions (Recon → Analysis → Exploit → Report)
Asset map
A visual map of discovered assets and their relationships:
- Hosts and subdomains
- Endpoints and parameters
- Authentication boundaries
- Technology fingerprints
Export formats
| Format | Contents | Use case |
|---|---|---|
| Full report with findings | Stakeholders, compliance | |
| CSV | Findings in tabular format | Import into spreadsheets, SIEM |
| JSON | Structured findings data | Programmatic access, integrations |
| Jira | Individual tickets per finding | Issue tracking (requires ticketing integration) |