Source: OJ L, 2025/1190, 18.6.2025

Current language: EN

Annex V Content of the red team test report (Article 12(2))

The red team test report shall contain information on at least all of the following:

  1. information on the performed attack, including:

    1. the targeted critical or important functions and identified ICT systems, processes and technologies supporting the critical or important function, as identified in the red team test plan;

    2. summary of each scenario;

    3. flags reached and not reached;

    4. attack paths followed successfully and unsuccessfully;

    5. tactics, techniques and procedures used successfully and unsuccessfully;

    6. deviations from the red team test plan, if any;

    7. leg-ups granted, if any;

  2. all actions that the testers are aware of that were performed by the blue team to reconstruct the attack and to mitigate its effects;

  3. discovered vulnerabilities and other findings, including:

    1. vulnerability and other finding description including their criticality;

    2. root cause analysis of successful attacks;

    3. recommendations for remediation including indication of the remediation priority.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod