Project Lifecycle and Scoping

Projects represent active assessments (such as a web application pentest or a cloud security review) conducted for a customer.

Creating a Project

To set up a new assessment project:

1. Click on Projects in the sidebar.
2. Click New Project.
3. Fill in the project name, choose a customer, and optionally select a test playbook version.
4. Click Save.

[!WARNING] You can only select and attach a playbook when creating a project. You cannot modify the playbook version or swap it after the project is saved.

Managing Project Statuses

Pentographer tracks projects through standard engagement phases (e.g. Scoping, In Progress, Under Review, Completed).

Moving Status Backwards (Justification Log)

If you advance a project phase (for example, from In Progress to Under Review), no extra action is needed.

However, if you move a project backward (for example, returning a project to In Progress from Under Review because additional testing is required), Pentographer enforces a Justification Requirement:

1. A modal appears asking for a revision justification.
2. You must input a detailed description explaining why the project was returned to an earlier phase.
3. This reason is committed to the project's audit log for traceability and client audit reviews.

Documenting and Reporting

Once you configure your project scope, you can begin adding findings and generating deliverables:

• Findings: Read the Findings Editor guide to document security vulnerabilities.
• Reports: See the Reporting and Templates guide to learn how to compile and export your final report.