Skip to main content

Generate a pentest attestation letter

GET 

/api/v1/reports/:report_id/attestation

Generate a dated pentest attestation letter for the report's assessment.

Produces a customer-facing compliance proof : scope tested, methodology, a per-severity finding summary, a no-critical-open statement, the org name for branding, a deterministic HMAC-backed verification id, and a public verification URL. Issuing it persists a verification record so the id resolves at the login-less verification endpoint.

  • Scope required: reports:read.
  • Response supports ETag revalidation (304 Not Modified).

Request

Responses

Successful Response