logo
Report templates

Custom Charts

Create and customize charts to visualize vulnerability data in your reports.

Overview

Custom charts allow you to visualize vulnerability data in your reports using flexible, configurable chart components. You can create charts based on risk levels, remediation stages, project types, or custom categorizations.

Usage

Charts are inserted into report templates using the dollar sign syntax followed by the chart name:

{$chart_ChartName}

Note: Chart names cannot contain spaces. Use underscores or camelCase for multi-word chart names.

Examples

{$chart_VulnerabilityBySeverity}
{$chart_RemediationProgress}
{$chart_OWASP_Top10}

Creating a Chart

Navigate to Administration → Reporting → Charts to create a new chart.

Chart Configuration

Chart Title

The chart title serves as the identifier when referencing the chart in templates. It must:

  • Be unique
  • Not contain spaces (use underscores or camelCase instead)
  • Be descriptive of the chart's purpose

Examples: VulnerabilityBySeverity, Remediation_Status, OWASP_Categories

Chart Type

Currently supported chart types:

  • Bar Chart - Displays data as horizontal or vertical bars

Additional chart types (pie charts, line charts, etc.) may be available in future versions.

Chart Settings

Each chart has configurable settings that define how data is organized and displayed.

Headers

Headers determine the categories displayed in your chart. Choose from predefined header types or create custom ones.

Risks

Predefined headers for vulnerability severity classification:

  • Critical
  • High
  • Medium
  • Low
  • Informational

Remediation Stage

Predefined headers tracking vulnerability remediation progress:

  • Not Remediated
  • Requested
  • In Progress
  • Partial
  • Remediated

Assessment Domain

Headers based on your defined Project Types in the platform. This allows you to categorize findings by assessment scope (e.g., Web Application, Mobile App, Infrastructure, API).

Custom Headers

Create custom categorizations by defining your own headers and mapping them to finding fields.

Use Case Example: Create an OWASP Top 10 chart

  1. Create a chart named OWASP_Top10
  2. Select Custom as the header type
  3. Define headers: A01, A02, A03, A04, A05, A06, A07, A08, A09, A10
  4. Map to a custom field in the finding editor (e.g., "OWASP Category")
  5. When you categorize findings with OWASP categories, the chart automatically counts vulnerabilities per category

Filters (Query)

Apply filters to control which findings are included in the chart data. This allows you to create targeted visualizations.

Common Filter Examples

  • Show only remediated vulnerabilities to demonstrate progress
  • Display findings from a specific project type or assessment phase
  • Filter by severity to focus on critical/high-risk issues
  • Exclude informational findings from severity charts

Filters are defined interactively using the chart configuration interface, allowing you to build complex queries without writing code.

Predefined Charts

Using PentestPad, you can also display native MS Word Charts with your data from project.

Multi Assessment Domain Reports

Sometimes you want to bundle web application and network domain assessment in one report. You can define how it would display in the report.

On this page

OverviewUsageExamplesCreating a ChartChart ConfigurationChart TitleChart TypeChart SettingsHeadersRisksRemediation StageAssessment DomainCustom HeadersFilters (Query)Common Filter Examples