Comment by technion

3 years ago

I had nmap screenshots presented as a penetration test. I don't mean "in a penetration test, with some text". I mean a penetration testing company embarked on a two-week engagement to review an application I had built, and they literally handed in a screenshot of nmap on their own letterhead and called it the report. I was pretty livid. There were a lot of shortcuts on security I was actually hoping to get a drive to improve, but instead I got hauled to "please explain" what this "port 443 is open" report means.