Security Assessment Report
Client: Reseau Sante du Nord
Assessment Date: [Date]
Assessor: [Name]
Executive Summary
Write for Marie-Claire and the donor foundation. No CVE numbers. No unexplained technical terms. Explain what an attacker could do, what data was at risk, what has been fixed, and what remains. Keep it under 400 words.
Assessment Methodology
Brief description of the assessment approach: reconnaissance, exploitation testing, detection rule deployment, remediation verification. Reference the scope document.
CVSS Score Guide
| Component | Description | Example |
|---|---|---|
| Base Score | Technical severity of the vulnerability | SQL injection allowing database read: 8.6 |
| Environmental Adjustment | Context-specific factors that raise or lower effective severity | Healthcare patient data increases confidentiality impact; internal-only service reduces exposure |
| Final Score | Base score adjusted for this specific environment | 8.6 base adjusted to 9.1 for healthcare patient data context |
CVSS scores in this report use environmental adjustments. A vulnerability's impact depends on what data it exposes, who can reach it, and what the system is used for. The same technical flaw has different severity in a healthcare system handling patient diagnoses than in an internal inventory tool.
Network Service Findings
| # | Finding | CVSS Base | Environmental Adj. | Final Score | Status |
|---|---|---|---|---|---|
| N-1 | | | | | |
| N-2 | | | | | |
N-1: [Finding Title]
Description: What the vulnerability is and how it was exploited.
Evidence: Command output, screenshots, or logs demonstrating the finding.
Impact: What an attacker could do with this access -- in business terms relevant to patient data and clinic operations.
Remediation Status: Fixed / Recommended. If fixed, describe the approach and why it was chosen.
Detection Rule: Reference the Sigma rule deployed to detect this attack pattern.
Web Application Findings
| # | Finding | CVSS Base | Environmental Adj. | Final Score | Status |
|---|---|---|---|---|---|
| W-1 | | | | | |
| W-2 | | | | | |
W-1: [Finding Title]
Description: What the vulnerability is and how it was exploited.
Evidence: Command output, screenshots, or logs demonstrating the finding.
Impact: What an attacker could do -- specific to patient records, clinic operations, or donor compliance.
Remediation Status: Fixed / Recommended.
Detection Rule: Reference the Sigma rule deployed for this pattern.
Remediation Status
| Finding | Fix Approach | Rationale | Status | Verified |
|---|---|---|---|---|
| | | Why this approach over alternatives | Fixed / Recommended | Yes / No |
Detection Capability Summary
| Detection Rule | Attack Pattern | Log Source | Status | False Positive Rate |
|---|---|---|---|---|
| | | | Deployed / Tested | Low / Medium / High |
Grafana Dashboard: Description of the security monitoring dashboard and what it tracks.
Future Recommendations
Items outside the current assessment scope or requiring ongoing attention. Include:
- VPN pre-shared key rotation
- BYOD policy for clinics with unreliable internet
- Ongoing monitoring practices
- Regular reassessment schedule
Appendices
Supporting data: full scan results, complete Sigma rules, Alloy configuration changes, Grafana dashboard export.