Results

Reports & score

Every scan produces a report you'd actually want to send — to your team, your customers, or your board. It's rigorous, it's honest about what it didn't test, and it comes in whatever format you need.

The Pentu Score

A single 0–100 number with a band (strong, good, fair, weak, critical), weighted by finding severity. It's the headline you can track over time and share — and it only counts real security findings, never the informational sections. Verified controls and the test transcript are shown separately, so the score stays honest.

Anatomy of a report

  • Management summary: Plain-language prose — what we did, what we found, and whether anything is urgent.
  • Risk breakdown: Findings by severity, at a glance.
  • Scope & methodology: What was in and out of scope, and how the test was run.
  • Findings: Each with business impact, a concrete example, reproduction steps, a suggested fix, and a ready-to-paste prompt for your AI coding agent.
  • Coverage: Pages and endpoints mapped, tests run, defences held, and the AI cost.
  • How Pentu tested: The full transcript — every probe, including the ones your app defeated.
  • Controls verified: Dozens of security controls tested with no issue.
  • Attack surface: The actual pages and endpoints discovered — plus enumerated subdomains.
  • Test data & cleanup: Exactly what Pentu created, and how to remove it.

Fix it with your AI agent

Every finding ships with a copy-paste prompt written for your AI coding assistant — Claude, Cursor, whatever you use. It describes the vulnerability, the exact location, and how to fix it, so remediation is a paste away.

Every format

  • Interactive report — the full thing in the app, with expandable findings.
  • PDF — a polished document, plus a landscape slideshow deck.
  • Markdown — agent-friendly, with a fix prompt per finding, so you can hand the whole report to an AI.
  • Email — a premium summary with the PDFs attached, delivered the moment the scan completes.

Cost transparency

Because Pentu is AI-driven, every scan reports its exact AI cost, broken down by model — so you always know what a scan cost to run. (Prompt caching keeps a full scan around $1.50–2.)

The dashboard

Across all your targets, the dashboard shows your average score and score trend over time, the mix of open issues by severity, an open / fixed / ignored breakdown, per-target health (worst first), recent activity, and 30-day AI spend.