Actions

Overview

Actions enable you to build your own custom workflows into the AttackForge application user interface, and trigger those workflows with a button click.

You can create Actions to help you:

• Build custom workflows for your teams

• Trigger a process automation

• Launch an integration with an external system

Examples of Actions could include:

• Request a QA review / Approve a QA review

• Launch scans within your security tooling

• Create bulk actions which do not currently exist

• Trigger a custom vulnerability risk acceptance workflow

• Enable low-privileged users to perform isolated privileged tasks

• Export data on-demand

• Run custom reports and email the results

• Anything you can imagine 😄

IMPORTANT: Actions are only available if you have the Flows module enabled

How Actions Work

Actions are located in your existing menus, alongside other existing system actions.

Actions are triggered with a button click.

When triggering an Action, a confirmation dialogue will appear:

This dialogue provides you with additional information on the Action, depending on your configured access.

After you click on Run - the Action will be triggered, and it will show in your Action Runs Manager. From here, you can monitor the status of your triggered Action.

You can click on the status to see more information:

Actions are powered by Flows. Flows is AttackForge's powerful workflow automation engine, allowing users to create completely custom workflows, automations and integrations.

Flows is powered by AFScript - AttackForge's easy-to-use scripting language, creating infinite possibilities with what your Flows can actually do.

Actions can be linked to multiple Flows - meaning many workflows can be triggered from one single Action.

Supported Entities

Actions can be created and accessed within any of the following entities:

1. Project Request(s)

2. Project(s)

3. Project Vulnerability(s)

4. Project Test Case(s)

5. Portfolio(s)

6. Portfolio Stream

7. Group(s)

8. Asset(s)

9. Writeup(s)

10. User(s)

11. Application

Building Actions

To start building an Action, click on the Actions button in any of the application menus:

Then click on the + button:

Alternatively, you can click on the Application Actions menu from the main navigation bar, then click on the Actions button:

Then click on the New button:

Configuring the Action

1. Enter a name for your Action.

2. Select the entities where you want your Action to show.

1. Link the related Action Event Flows to your Action. There is no limit on how many Action Event Flows can be linked to your Action.

1. Add an optional Readme if required.

1. Review the Action configuration and click Create.

If you are seeing the warning Flow is disabled - you will need to enable the Flow from the Flows module.

If you are seeing the warning Missing access to trigger action flows - you will need to assign yourself with either Run or Create access to Action Triggers.

Triggering Actions

Wherever you see an Actions button within the application user interface - you can click it to access existing Actions which you can trigger.

When you click on an Action, a confirmation dialogue box will open. You can click Run to trigger the Action.

You can click on Readme to access more information on this Action.

If you have permission to view the linked Flow, you can click on the button to access it:

After you click on Run - the Action will show in your Action Runs Manager. From here, you can monitor the status of your triggered Action.

You can click on the status to see more information:

If you have permission to view Flow Run Logs - you can click the button to see the detailed information for what each Flow did:

Status Check Issues

If a status check returns an issue - you will not be able to trigger the Action.

If you are seeing the warning Flow is disabled - you will need to enable the Flow from the Flows module.

If you are seeing the warning Missing access to trigger action flows - you will need to assign yourself with either Run or Create access to Action Triggers.

Viewing All Actions

You can view all of your Actions by clicking on the Actions button from the main navigation menu, then again on the Actions button:

You can click on an Action to view the Action Runs related to the Action. You can also view the Readme and edit the Action from here.

Editing Actions

When viewing an Action, click on the Edit button to make updates:

You can also access the Edit Action page by clicking on the Settings button in the Actions menu, then clicking on the Edit button:

Deleting Actions

From the All Actions page, use the table row menu to select the Action you want to delete and then click on Delete.

You can also Delete Actions by clicking on the Settings button in the Actions menu, then clicking on the Delete button:

Viewing Action Runs

You can switch to the Action Runs menu from the All Actions page:

You can also view all Action Runs by clicking on an Action from the All Actions page:

When you click on an Action Run - a dialogue will show which Flows were triggered and their status. If you have permission - you can click on the button next to the status to view the Flow Run Logs.

Application Actions

Application Actions are accessed by clicking on the Actions button from the main navigation menu:

Application Actions relate to the application itself, they are not tied to any particular entity such as a Project, Vulnerability or Asset.

You can use Application Actions at any time - regardless of what access you have to other data and workflows in AttackForge. This makes them ideal for have personal workflows, or delegating privileged workflows to lower-privileged users.

Sharing Actions

Coming soon!

Custom Forms on Actions

Coming soon!

Reordering Actions

You can re-order your custom Actions by clicking on the Settings button in the Actions menu:

You can drag and drop each row to the order you desire; or use the menu to select the desired re-ordering option: