Report writing
- Write in past tense.
- Prefer active voice over passive voice.
- "We recommend to..." instead of "It is recommended..."
- Write recommendations in bullet points.
- Use the imperative form for important actions (e.g.,"Set the
SameSitecookie attribute toStrict.") - Omit bullet point if there is only one recommendation.
- Use the imperative form for important actions (e.g.,"Set the
- Redact sensitive information, like names from uninvolved people, passwords, cookies, etc.
- You can also blur parts of screenshots for the sake of a better overview.
- See Redact sensitive data
- Don't give additional recommendations for already implemented things.
- E.g., don't recommend setting the
HttpOnlyattribute if the server already does.
- E.g., don't recommend setting the