Another one landed today, it's all over your monitor. Damn penetration test reports, they're all alike... and that's the problem. Some have written many, others have read many. This talk will delve in to a topic seldom discussed; penetration testing deliverables. They seldom include more than technical run downs of identified vulnerabilities and an executive summary with a few pretty graphs. While this is useful information, are these vulnerabilities really the problem or are they just symptoms of larger issues? Is this really all we can provide? This talk is aimed at those who write penetration test reports as much as those who read them. Join me as we walk through structuring penetration testing deliverables to be more valuable, identifying root causes, communicating findings in more meaningful ways, and developing actionable supplementary documentation. It's time to raise the bar.