Report Methodology
Preparation Steps
- Define the research question and target audience.
- Document authorization basis and data sources.
- Separate raw evidence from publishable evidence.
- Normalize product names, versions, dates, and terminology.
- Write impact in terms of consequence.
- State limitations and unknowns.
- Add remediation, mitigation, or defensive interpretation.
- Review for sensitive data and exploitability.
- Validate links, metadata, and route stability.
- Preserve a revision history.
Report Sections
A mature report should include:
- executive summary;
- scope and authorization basis;
- methodology;
- findings;
- evidence summary;
- severity or risk rationale;
- remediation or mitigation;
- limitations;
- coordination timeline where relevant;
- references;
- revision history.
Quality Bar
A report should let a qualified reader evaluate the claim without trusting the author’s reputation alone. It should also avoid operational detail that is not needed for defense.