AttackForge
Search
K

Configuration Options

Supported Tenant Configuration Options
AttackForge Core & Enterprise provides a rich set of global tenant configuration options - allowing you to customize your AttackForge workflows, features & user experience.
The list of supported configuration options is included below and regularly updated.
You can access most of the configurations options via Administration module.

Whitelabel

  • Custom domain for accessing the application (Enterprise only)
  • Custom domain for all emails (Enterprise only)

Portfolios

Fields

  • Code
  • Description
  • Level 1 Owner
  • Level 2 Owner
  • Level 3 Owner

Custom fields

Projects

Actions

  • Access New Projects
  • Create New Project
  • Add Test Suites on Existing Projects
  • Add Abuse Cases on Projects
  • Export Test Case Workspace Notes on Project JSON Export

Fields

  • Project Name
  • Project Code
  • Organization Code
  • Executive Summary
  • Vulnerability Scoring System
  • Team Notification Events
  • Admin Notification Events
  • Email Notification Type of New Vulnerabilities
  • Linked Portfolio Streams
  • Linked Groups
  • Custom Tags

Custom Fields

Project Requests

  • Enable Project Request Workflow

Actions

  • Action Project Requests

Fields

  • Project Name
  • Project Code
  • Testing to be Performed
  • Reason Testing is Required (Justification)
  • Assets to be Tested (Scope)
  • Desired Start Date
  • Desired End Date
  • Desired Test Window
  • Onsite Testing Required

Custom Fields

Assets

Assets Module

  • Enable/Disable Assets Module

Fields

  • Asset Type
  • Asset ID
  • Asset Details
  • Linked Groups

Custom Fields

Vulnerabilities

Features

  • Enable/Disable Remediation Plan
  • Enable/Disable Zero-Day
  • Enable/Disable/Configure Vulnerability Remediation SLAs

Vulnerability Form Builder

Import Vulnerabilities

  • Custom Mapping Expressions

Writeups

Main Library

  • Allowed Roles, Groups and Users

Imported Library

  • Allowed Roles, Groups and Users

Project Library

  • Allowed Roles, Groups and Users

Custom Libraries

  • Add Custom Libraries and configure their access controls

Fields

  • Attack Scenario
  • CIA Fields (Confidentiality, Integrity, Availability)
  • Severity
  • Exploitability
  • CVSS Scoring
  • Custom Tags

Custom Fields

Test Suites

Test Case Custom Fields

Reporting

Standard Reports

  • Configuration for PDF Report
  • Configuration for DOCX Report
  • Configuration for HTML Report

Custom Reports

  • Configuration for Custom Reports
The following tags can be used for setting a custom report name:
  • {project.id}
  • {project.name}
  • {project.code}
  • {project.organization_code}
  • {project.status}
  • {project.start_date}
  • {project.end_date}
  • {project.custom_field.<KEY>}

Notifications

Email Notifications

  • Enable/Disable emails

Email Template

  • Custom Header
  • Custom Body CSS
  • Custom Footer

Projects

  • Email Group Members on Project Creation
  • Email Project Team when Project is On-Hold
  • Email Project Team when Project is Off-Hold
  • Email Project Team on Daily Testing Start/Stop
  • Custom Email Body for Daily Start/Stop Testing Notifications
  • Additional email recipients for Daily Start/Stop Testing Notifications
  • Custom Email Body for Individual Vulnerability Notifications
  • Custom Email Body for Grouped Vulnerability Notifications
  • Additional Email Recipients for New Vulnerability Notifications

New User

  • Email Admins when New User is Created
  • Email New User with Welcome Message
  • Custom Email Body for New Registrations
  • Custom Email Subject for New Manually Created/Invited User
  • Custom Email Body for New Manually Created/Invited User

Custom Emails

Admin Updates

  • Configure Daily Admin updates
  • Configure Weekly Admin updates

Security

  • Email User on Change of IP Address from Last Login

Login and Security

Login Methods

  • Enable local accounts
  • Configure Single-Sign-On (SSO) Profile 1
  • Configure Single-Sign-On (SSO) Profile 2
  • Enforce AttackForge MFA on Admin SSO Logins
  • Auto-Redirect to SSO from Login Page
  • Enable Password Reset
  • Enable Simultaneous User Sessions
  • Session Timeout (in minutes)
  • Custom Login Message

Registration

  • Configure self-registration settings

Security

  • Disable Inactive Non-Admin Users settings
  • Blacklisted Extensions for File Upload

Users

  • Default Roles for New Users

Preferences

  • Date format
  • Work week

Logos

  • Login and Report Logo
  • Sidebar Logo

Colors

  • Login Page Background Color
  • Login Page Primary Button Color
  • Login Page Secondary Button Color
  • Sidebar Header Background Color
  • Sidebar Menu Background Color
  • Sidebar Menu Active Item
  • HTML Report Title Background Color
  • PDF Report Title Background Color