[samnwa]

Do you still use excel sheets for security assessment or some platform?

[CyberBank]

A combo of in house tools for creating findings from "non-standard" tools, (standard tools being nessus, app scan, etc.) Such as pen tests, responsible disclosure, red teamings, etc. We partner with Kenna Security pretty heavily in terms of tracking and consolidating our vulnerabilities, along with remediation prioritization and strategy