Client Communication

Overview

Client communication is important for keeping in touch with your client and keeping them happy during the engagement. If a pentest is going well (for the client) then you might only reach out to them a couple of times.

When you have a critical finding like being able to get into their internal network through their VPN, get RCE or log into a web server, they need to know the immediately. Reach out via email or phone.

If we breach the internal network from the outside, there is a good chance that someone else has already done it. They need to know this so they can work on patching it immediately.

Email Examples

The client needs to know what IP you will be attacking from so you're not mistaken from any real threats

You can have the email be sent automatically and even have the Nessus scans auto run minutes after. Automating some of the beginning processes are very helpful.