Guidance

Guidance documentation for XBOW Console.

Articles in this section

• Choosing a target to test

  Learn which targets are most suited to XBOW penetration testing.

• Comparing different types of assessment

  Understand XBOW assessment types: comprehensive security testing, retest to verify fixes, and how Enterprise users can focus on specific vulnerability classes.

• Protecting targets during XBOW testing

  Learn how to configure an assessment for full testing at the same time as protecting your application and users.

• Guiding XBOW testing

  Improve XBOW assessment accuracy by uploading source code and documentation for gray-box testing. Learn what to include and exclude from your archive.

• Guiding XBOW testing for experts

  • Enterprise only
  • Public preview

  Brief XBOW like a human pentester. Enterprise users can use assessment guidance cards to direct testing focus and validate results.

• Checking configurations before assessment

  Learn what happens during XBOW's configuration check phase, including target validation, credential verification, and scope discovery.

• Interpreting XBOW results

  Understand XBOW security findings, vulnerability classifications, and how to prioritize remediation based on validated and informational results.