Post Thu Oct 18, 2007 10:58 pm

pen testing project management software?

Is anyone aware of a project management software that is especially well suited for penetration testing and vulnerability assessments? I've done this type of work in a few organizations and none had or knew of a tool really designed for this. The biggest problem is managing all the data - dozens if not hundreds of output files and logs from tools we ran, random notes scattered through text files and emails, all of which ultimately have to be brought together in some way to be turned into a report. I've seen a few web apps that are able to process output files from various tools (nmap, nessus, etc.) and dump it into a SQL database, but they aren't very robust. Separate of that, there are often multiple testers that need to communicate and share notes as well as output from programs....

So what does your company use?
CISSP, CEH