Pentest report example
How the threat-model findings materialize as pentest findings.
S4 Sample · Threat model
Threat model: Cloudwrit.
Output of a 2-day threat modeling workshop using STRIDE. The deliverable: data-flow diagram, attack paths, prioritized mitigations mapped to specific engineering sprints.
Fictional - representative
Client: Cloudwrit Inc. · Workshop: 2026-01-22 to 2026-01-23 · Participants: CTO, VP Eng, platform lead, security lead, NexcurAI (facilitator) · Framework: STRIDE · Review cycle: quarterly
1. System in scope
Cloudwrit’s production SaaS: marketing site, authenticated app, public API, background workers, object storage, primary Postgres, analytics pipeline, third-party integrations (Stripe, SendGrid, OpenAI). AWS-hosted, single-region (us-east-1), two availability zones.
2. Data flow diagram (simplified)
Solid: synchronous. Dashed: webhooks.
3. Trust boundaries
- TB-1: User browser to Cloudflare edge. Boundary trust: none inbound (treat all user input as hostile).
- TB-2: Cloudflare to App. Boundary trust: CF signs requests; App validates.
- TB-3: App to Postgres. Boundary trust: IAM-authenticated TLS. Row-level security not currently enabled.
- TB-4: App to S3. Boundary trust: IAM role, object-level ACLs.
- TB-5: App and workers to third-party APIs. Boundary trust: API key stored in Secrets Manager; outbound only.
- TB-6: CI to AWS. Boundary trust: currently static keys (see F-02 in pentest report). Migrating to OIDC.
4. Threat table (STRIDE)
| ID | Category | Threat | Target | Severity | Mitigation |
|---|---|---|---|---|---|
| T-01 | Spoofing | Session token theft via XSS in rich-text editor | User session | H | CSP tightening, HttpOnly cookies, output encoding audit |
| T-02 | Tampering | Tenant-ID forgery in API | Documents | C | Server-side tenant resolution (see F-01) |
| T-03 | Repudiation | Document edits with no audit log | Postgres | M | Append-only audit_log table; ship in Q2 |
| T-04 | Information disclosure | S3 presigned URL leaks | S3 | H | 24-hour max TTL on all presigned URLs (see F-06) |
| T-05 | Information disclosure | Prompt injection exfils workspace docs | AI summary | H | Sandbox LLM call; input isolation; output filter (see F-03) |
| T-06 | Denial of service | Unbounded AI summary API calls drain budget | OpenAI / Anthropic | M | Per-user and per-workspace quota; alert at 80 percent |
| T-07 | Elevation of privilege | Admin panel compromise yields all tenants | Admin | H | Mandatory MFA + IP allowlist (see F-05) |
| T-08 | Elevation of privilege | CI credential leak compromises AWS | AWS | C | OIDC federation, least-privilege policy (see F-02) |
| T-09 | Tampering | Webhook forgery (Stripe, SendGrid) | App | M | Verify all webhook signatures; allowlist source IPs where possible |
5. Attack paths (top three)
Path A: Attacker creates a paid Cloudwrit account ($49). Exploits T-02 (tenant forgery) against arbitrary tenant. Exfiltrates documents. No credentials needed beyond their own account. Cost to attacker: $49 and 2 hours. Impact: full tenant data leak.
Path B: Attacker compromises a developer’s laptop (phishing). Obtains GitHub session or AWS keys from local env. Uses T-08 (CI credentials or laptop-held AWS access) to reach prod AWS. From there, reads any bucket. Cost to attacker: phishing success. Impact: full AWS account compromise.
Path C: Attacker shares a malicious document via Cloudwrit sharing feature. Target user triggers AI summary. T-05 (prompt injection) exfiltrates other documents into the summary output, which attacker can read via the same share. Cost to attacker: one shared document. Impact: limited to target user’s workspace, but zero-click from target’s perspective.
6. Mitigation roadmap
Sprint 2026-W07 (this week)
- T-02: Server-side tenant resolution
- T-08: IAM policy reduction on CI user + key rotation
Sprint 2026-W09
- T-05: Input isolation for AI summary feature
- T-07: MFA mandatory on admin panel
- T-04: 24-hour TTL on presigned URLs
Sprint 2026-W11
- T-01: CSP + HttpOnly audit
- T-08: OIDC federation migration
- T-06: AI quota per workspace
- T-09: Webhook signature verification
Q2 (April to June)
- T-03: Audit log table
- T-05 layer 3: Output filter for AI summary
- Re-run threat model workshop to catch drift
7. Non-actions
The workshop identified two threats we deliberately chose not to mitigate this cycle:
- Multi-region failover - not a security issue, and the blast-radius is small enough for the current business stage. Revisit at $20M ARR.
- HSM-backed key management for field-level encryption - expensive, limited marginal risk reduction at current data sensitivity. Revisit when we sign our first healthcare or financial-services customer.
8. Review cadence
Threat model is a living document. Next review: 2026-04-22 (quarterly). Trigger additional reviews on: new service category (e.g., we launch an API for third parties), change in customer tier (e.g., first enterprise customer), any Severity-H finding on a pentest. Owner: CTO. Facilitator: NexcurAI on retainer.
Series A security readiness
The framework this workshop sits inside.
Cybersecurity
Threat-modeling workshops, pentests, incident response.