Pentesting your assets will allow you to benefit from qualified vulnerabilities or configuration defaults, ensuring 0 false positive and providing you with a detailed remediation plan for each vulnerability.

To pentest an Asset, go to the Asset page in question, then click on Not pentested.

When an asset is set with the Pentested status, offensive security tests start automatically and the first related security issues are generally released in less than 24 working hours.

Only ip and domain asset types can be set as pentested. All supported services and resources are also pentested, including WEB applications, API endpoints, remote access endpoints, exposed databases, etc.

Note that private IP can be added on Patrowl but will never be tested (passive or offensive).