Turn penetration testing output into board-ready findings, fast.

FindingsFolio gives security teams one operating system for engagement delivery: onboard clients, queue scans to external workers, review evidence quickly, and ship board-ready reports with full auditability.

  • Role-based access + audit logs
  • Optional TOTP 2FA + password reset
  • Structured summaries + traffic-light adverse signals
  • Email/SMS completion notifications
  • Browser push notifications
  • PDF + evidence pack exports

Built for modern penetration testing delivery

Everything your team needs from tenant onboarding to final report download, in one controlled workflow with clear role boundaries.

Sign up, access, and governance

  • Create tenant accounts and organisation owners.
  • Session-based login/logout with optional TOTP 2FA and password reset flow.
  • Invite users and assign roles: owner, admin, member, viewer.
  • Track logins, target changes, run starts, and report downloads in audit logs.

Engagement and asset management

  • Create projects for each client engagement.
  • Store scope notes, dates, and engagement details.
  • Maintain target lists by IPv4, IPv6, and hostname for external scope tracking.
  • Configure per-asset custom web URLs for nuclei validation and web checks.
  • Store security exception notes per asset to capture approved risk context.

Evidence review that scales with delivery

Analysts can move from scan output to client communication faster, without losing access to raw artifacts and execution context.

Automated asset summaries

Generate cached brief and detailed asset summaries after scan jobs complete, with deterministic fallback summaries when language-model services are unavailable.

Adverse findings signals

Surface red, amber, green, or manual-check adverse findings levels in the asset list, expanded asset views, and technical reports.

Full artifact access

Open complete artifacts with command lines, duration, and human-readable or raw/pretty JSON views for faster review and QA.

Worker-driven orchestration and evidence capture

The web tier queues work. External workers execute discovery and follow-up modules, then return structured evidence and summary signals.

Nmap-first lifecycle

Each cycle starts with nmap discovery. Follow-up checks are queued from discovered services and tracked through queued, running, success, and failed states.

Current module coverage

Follow-up modules include nuclei, ssh-audit, smbmap, and DNS intel, with optional exploit-oriented web checks where enabled.

Coverage diagnostics

Gatekeeping and scan-interference behaviours are surfaced so teams can separate true exposure from source-IP controls or defensive filtering.

From queued scans to board-ready output

FindingsFolio orchestrates and tracks scanning workflows without directly running scan tools on the web tier.

1. Queue scan runs

Start new runs per project and select profiles. Jobs are queued for external workers that execute tools like nmap and follow-up modules.

2. Track progress

See queued, running, completed, or failed status by asset and tool, including recent activity, summary readiness, and completion notifications.

3. Review evidence quickly

Inspect nmap, nuclei, ssh-audit, smbmap, and opt-in Routersploit outputs, then move into executive and technical reports with linked evidence.

Recent report examples from live platform output

The examples below are based on recent generated outputs and fully anonymised for public presentation.

Executive summary (latest)

  • Title: Executive Summary Report - Northbridge Logistics Group
  • Summary: Scope=all assets; Assets=6, activity(7d) runs=10 modules=30, failed=1, active=0
  • Generated: 02/03/2026, 14:19:25

Technical reports (latest per asset)

  • Asset Technical Report - remote-access.northbridgelogistics.com.au
    remote-access.northbridgelogistics.com.au | ports=5 | modules=3
  • Asset Technical Report - client-portal.northbridgelogistics.com.au
    client-portal.northbridgelogistics.com.au | ports=3 | modules=4
  • Asset Technical Report - www.northbridgelogistics.com.au
    www.northbridgelogistics.com.au | ports=3 | modules=4

Asset summary lines and status

  • remote-access.northbridgelogistics.com.au [green]
    remote-access.northbridgelogistics.com.au: 6 TCP ports detected; SSH (22) OpenSSH_8.9p1. Ports 80/179/8291 show likely gatekeeping; no Nuclei findings reported.
  • client-portal.northbridgelogistics.com.au [green]
    client-portal.northbridgelogistics.com.au: Ports 80/443 open; SSH (22) appears gatekept (no banner). Nuclei reports WAF detection only; no LOW/MEDIUM/HIGH findings.
  • www.northbridgelogistics.com.au [manual_check]
    www.northbridgelogistics.com.au: HTTP/HTTPS reachable; SSH (22) appears gated. Nuclei web scan timed out (900s), indicating likely filtering or scan interference; manual validation required.
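The summary lines above pair a traffic-light level with a one-line description of the evidence. The following is an added illustration, not FindingsFolio's own code: a deterministic fallback summariser of the kind described under "Automated asset summaries", with assumed rules (confirmed nuclei findings outrank a timeout, a timeout outranks a clean result, info-only findings such as WAF detection stay green). The `Port` and `AssetEvidence` types and the sample evidence are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    number: int
    banner: str = ""        # service banner; empty means none was captured
    gatekept: bool = False  # worker flagged the port as filtered / source-IP gated

@dataclass
class AssetEvidence:
    hostname: str
    ports: list[Port] = field(default_factory=list)
    nuclei_severities: list[str] = field(default_factory=list)  # e.g. ["info", "medium"]
    nuclei_timed_out: bool = False  # worker reported the web scan timed out

ADVERSE = {"low", "medium", "high", "critical"}  # severities that count as findings

def adverse_level(ev: AssetEvidence) -> str:
    """Assumed rules: findings outrank timeouts, timeouts outrank a clean result."""
    sev = {s.lower() for s in ev.nuclei_severities}
    if sev & {"high", "critical"}:
        return "red"
    if sev & {"low", "medium"}:
        return "amber"
    if ev.nuclei_timed_out:
        return "manual_check"  # filtering or interference: not safe to call it green
    return "green"             # no findings, or info-only (e.g. WAF detection)

def summary_line(ev: AssetEvidence) -> str:
    """Build the one-line summary in the style of the examples above."""
    parts = [f"{len(ev.ports)} TCP ports detected"]
    ssh = next((p for p in ev.ports if p.number == 22), None)
    if ssh is not None:
        parts.append(f"SSH (22) {ssh.banner}" if ssh.banner else "SSH (22) appears gatekept (no banner)")
    gated = [str(p.number) for p in ev.ports if p.gatekept and p.number != 22]
    if gated:
        parts.append(f"Ports {'/'.join(gated)} show likely gatekeeping")
    flagged = sorted({s.lower() for s in ev.nuclei_severities} & ADVERSE)
    if flagged:
        parts.append("Nuclei findings: " + ", ".join(flagged).upper())
    if ev.nuclei_timed_out:
        parts.append("Nuclei web scan timed out, indicating likely filtering or scan interference; manual validation required")
    if not flagged and not ev.nuclei_timed_out:
        parts.append("no LOW/MEDIUM/HIGH Nuclei findings reported")
    return f"{ev.hostname}: {'; '.join(parts)}."

def summarise(ev: AssetEvidence) -> tuple[str, str]:
    """Return (level, line) as the asset list would display them."""
    return adverse_level(ev), summary_line(ev)

# Constructed sample evidence mirroring the first public example above (not real scan data)
SAMPLE = AssetEvidence("remote-access.example.invalid", ports=[
    Port(22, "OpenSSH_8.9p1"), Port(80, gatekept=True), Port(179, gatekept=True),
    Port(443), Port(8291, gatekept=True), Port(8443)])
```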

Professional reporting

  • Generate asset technical reports automatically at scan completion.
  • Generate executive summaries on demand with all/include/exclude asset scope.
  • Append current reports and full artifact evidence sections for board packs where needed.
  • Download final reports and optional evidence packs on demand.

Security, notifications, and controls

  • Least-privilege role model with scoped tenant access.
  • Session security plus optional TOTP multi-factor authentication.
  • Email, SMS, and browser push scan completion notifications with tenant-level settings.
  • Auditability across authentication, changes, runs, and report access.

What users can do

Account setup, identity controls, project management, scan tracking, and reporting in one platform.

What FindingsFolio does

Centralizes findings workflow and evidence handling while preserving auditability and role boundaries.