When you're running penetration tests across your entire environment - web apps, external networks, internal systems, cloud infrastructure - managing separate reports for each test can get overwhelming fast. Compliance teams want a unified view. Executives need the full picture. And your security team shouldn't have to manually stitch together findings from a dozen different reports.
Today we're launching Report Groups: a simple way to combine multiple projects into a single, comprehensive report.
The problem we're solving
Modern organizations rarely have just one attack surface. A typical engagement might include:
- An external network scan of your perimeter
- Web application testing for your customer-facing portal
- Internal network assessment with Active Directory checks
- Cloud configuration review of your AWS or Azure environment
Until now, each of these lived as a separate project with its own reports. That meant:
- Executives received multiple PDF reports instead of one cohesive summary
- Compliance audits required manually combining evidence from different sources
- Risk prioritization was harder when findings were scattered across documents
Report Groups changes that.
How it works
- Create a Report Group: Give it a name like "Q1 2026 Production Environment" or "West Coast Infrastructure Assessment"
- Add your projects: Select any combination of existing tests - web apps, networks, cloud, internal assessments. Projects can belong to multiple groups, so you have full flexibility
- Generate unified reports: Create Executive Reports, Technical Reports, Full Reports, Letters of Attestation, Testing Certificates, or CSV exports that aggregate findings from all included projects
That's it. One report that tells the complete story.
What's included
Consolidated findings: All vulnerabilities from every project appear in one report together, organized by severity and test type. No more flipping between documents to understand your full risk posture.
Aggregated executive summaries: The executive report automatically mentions all test types performed, giving leadership a clear picture of assessment scope without reading technical details.
Test-type organization: Full and Technical reports break down findings by test type (Web Application, External Network, Internal Network, Cloud), making it easy to route remediation work to the right teams.
Unified compliance artifacts: Generate a single Letter of Attestation or Testing Certificate that covers your entire assessment scope - exactly what auditors want to see.
Flexible membership: The same project can belong to multiple Report Groups. Run a quarterly infrastructure assessment? Include those network tests in both your "Q1 Assessment" group and your "Annual Compliance Review" group.
Managing Report Groups
We've made Report Groups simple to manage:
- Quick creation: Create a new group and immediately select which projects to include
- Inline editing: Update group names and descriptions directly from the list view
- At-a-glance metrics: See project count, report count, and last updated time on every group card
- Easy project selection: A searchable project picker with status info makes it fast to add or remove projects
Why this matters for compliance
If you're preparing for SOC 2, ISO 27001, HIPAA, or any framework that requires penetration testing evidence, Report Groups dramatically simplifies your workflow:
- One report, full coverage: Instead of submitting multiple penetration test reports, provide auditors with a single comprehensive document
- Clear scope documentation: The Letter of Attestation lists all test types and target systems in one place
- Unified certificate: Share a single Testing Certificate that covers your entire assessment
Get started
Report Groups is available now for all RedVeil customers. Head to All Projects → Report Groups to create your first group.
Already running multiple tests? Select the projects you want to combine, generate your first unified report, and see how much cleaner your security documentation can be.
Questions? Rune, our AI pentest consultant, is ready to help you organize your assessments and get the most out of Report Groups.