
Viewing Test Results

How to interpret results for a penetration test in RedVeil

Updated over 2 weeks ago

Once a penetration test completes, the most important work begins: understanding the results.

RedVeil is designed to make test results clear, navigable, and actionable. Findings are presented in a way that allows security teams, engineers, and stakeholders to quickly understand what was discovered, why it matters, and how it can be reproduced and fixed.

This article walks through how to view test results, navigate findings, interpret severity, and understand the supporting evidence provided for each issue.

Accessing Test Results

Test results are available any time during or after testing.

You can access results by selecting the project and navigating to the Issues section from the left-hand sidebar. This section serves as the central hub for all identified findings within the project.

If no findings are present, the Issues view will clearly reflect that state. A lack of findings is still a meaningful outcome and indicates that no validated issues were identified during the test.

Navigating the Findings List

The Issues view displays a list of all findings identified during testing.

Each entry represents a validated security issue and includes high-level information such as:

  • The issue title

  • Severity level

  • Affected target

  • Current status (open, remediated, validated, etc.)

This list allows you to quickly scan results, prioritize review, and focus attention where it is most needed.

Understanding Severity Levels

Each finding is assigned a severity to help prioritize response.

Severity reflects a combination of factors such as impact, exploitability, and context. While exact scoring may vary by issue, severities generally fall into familiar categories such as informational, low, medium, high, and critical. Severity is calculated using the CVSS scoring system.

Helpful Tip - Hovering over the severity of an individual finding in the Issues list will show its CVSS score!

Severity is meant to guide prioritization, not to imply urgency in isolation. A high-severity issue in a low-risk context may warrant different treatment than a lower-severity issue in a sensitive system.

Rune can help explain why a specific severity was assigned and what it means in practical terms.

Viewing Detailed Findings

Selecting a finding opens the detailed issue view.

This view provides the full context required to understand and act on the issue. Rather than short summaries, findings are documented in a structured, repeatable format intended for engineering and security teams.

Evidence and Reproduction Steps

Each finding includes supporting evidence showing how the issue was identified.

Evidence may include request and response data, observed behavior, or other artifacts that demonstrate the vulnerability in a reproducible way. This evidence is critical for validating that the issue is real and actionable.

Clear reproduction steps are provided so teams can confirm behavior internally and verify fixes once remediation is applied. Findings are not based on assumptions or pattern matches alone - they are documented with observable behavior after exploitation or validation.

Status and Lifecycle of Findings

Findings progress through a lifecycle as remediation occurs.

As issues are addressed and validated, their status updates to reflect current state. This allows teams to track progress over time and distinguish between newly identified, open, and remediated findings.

Documenting this lifecycle is important for both operational clarity and auditability.
