> For the complete documentation index, see [llms.txt](https://docs.sprinto.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.sprinto.com/data-library/vulnerabilities/dashboard-actions/upload-pentest-report-and-add-vulnerabilities.md). # Upload Pentest Report and Add Vulnerabilities Sprinto enables you to document vulnerabilities identified through certified penetration tests (pentests). You can upload the pentest report and log vulnerabilities manually or in bulk using a standard template. Once added, these vulnerabilities appear under the **Pentest** tab and must be resolved or marked as special cases to meet SLA and audit requirements. *** ### Before You Begin Ensure the following: * You have access to the Sprinto admin portal. * Your pentest report is performed by a certified provider. * The final pentest report file is ready in a supported format (e.g. PDF, DOCX). * You have the details of each vulnerability identified (e.g. severity, description). *** ### Procedure To upload a pentest report and add vulnerabilities: 1. Go to **Data Library > Vulnerabilities > Overview**. 2. Click the **Pentest** tab in the left navigation panel. 3. Select the workflow check labelled **Periodic VPAT report needs to be uploaded**. 4. Click the **Pentest Reports** tab. 5. Fill in the following details: * **Pentest name** * **Report issue date** 6. Click **Upload file** and select the pentest report from your device. *** ### Add Vulnerabilities You can add the vulnerabilities listed in your pentest report using one of the following methods: #### Option 1: Add Individually 1. Select **Add vulnerabilities manually**. 2. Enter each vulnerability's: * Name or CVE reference * Severity level (e.g. High, Moderate) * Description 3. Click **Add** to include multiple vulnerabilities if needed. *** #### Option 2: Bulk Import via CSV 1. Select **Bulk-import vulnerabilities**. 2. Download the **CSV template**. 3. Fill in the required fields (e.g. name, severity, description) using the specified format. 4. Click **Upload file** and select your completed template file. *** ### Finalise Upload * Once all details are entered, click **Upload pentest report** to save your entries. * The uploaded report and listed vulnerabilities now appear under the **Pentest** section. *** ### What Next? You must now: * Resolve the open vulnerabilities from the relevant infrastructure or codebase. * Mark each resolved vulnerability as **Closed** in Sprinto. * If a vulnerability is not applicable, you may mark it as a **Special Case**. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sprinto.com/data-library/vulnerabilities/dashboard-actions/upload-pentest-report-and-add-vulnerabilities.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.