Configuration Options

Supported Tenant Configuration Options

AttackForge Core & Enterprise provides a rich set of global tenant configuration options - allowing you to customize your AttackForge workflows, features & user experience.

The list of supported configuration options is included below and regularly updated.

You can access most of the configurations options via Administration module.

Whitelabel

  • Custom domain for accessing the application (Enterprise only)

  • Custom domain for all emails (Enterprise only)

    • default discover@attackforge.com

Portfolios

Fields

  • Code

  • Description

  • Level 1 Owner

  • Level 2 Owner

  • Level 3 Owner

Custom fields

Projects

Actions

  • Access New Projects

  • Create New Project

  • Add Test Suites on Existing Projects

  • Add Abuse Cases on Projects

  • Export Test Case Workspace Notes on Project JSON Export

Fields

  • Project Name

  • Project Code

  • Organization Code

  • Executive Summary

  • Vulnerability Scoring System

  • Team Notification Events

  • Admin Notification Events

  • Email Notification Type of New Vulnerabilities

  • Linked Portfolio Streams

  • Linked Groups

  • Custom Tags

Custom Fields

Project Requests

  • Enable Project Request Workflow

Actions

  • Action Project Requests

Fields

  • Project Name

  • Project Code

  • Testing to be Performed

  • Reason Testing is Required (Justification)

  • Assets to be Tested (Scope)

  • Desired Start Date

  • Desired End Date

  • Desired Test Window

  • Onsite Testing Required

Custom Fields

Assets

Assets Module

  • Enable/Disable Assets Module

Fields

  • Asset Type

  • Asset ID

  • Asset Details

  • Linked Groups

Custom Fields

Vulnerabilities

Features

  • Enable/Disable Remediation Plan

  • Enable/Disable Zero-Day

  • Enable/Disable/Configure Vulnerability Remediation SLAs

Vulnerability Form Builder

Import Vulnerabilities

  • Custom Mapping Expressions

Writeups

Main Library

  • Allowed Roles, Groups and Users

Imported Library

  • Allowed Roles, Groups and Users

Project Library

  • Allowed Roles, Groups and Users

Custom Libraries

  • Add Custom Libraries and configure their access controls

Fields

  • Attack Scenario

  • CIA Fields (Confidentiality, Integrity, Availability)

  • Severity

  • Exploitability

  • CVSS Scoring

  • Custom Tags

Custom Fields

Test Suites

Test Case Custom Fields

Reporting

Standard Reports

  • Configuration for PDF Report

  • Configuration for DOCX Report

  • Configuration for HTML Report

Custom Reports

  • Configuration for Custom Reports

The following tags can be used for setting a custom report name:

  • {project.id}

  • {project.name}

  • {project.code}

  • {project.organization_code}

  • {project.status}

  • {project.start_date}

  • {project.end_date}

  • {project.custom_field.<KEY>}

Notifications

Email Notifications

  • Enable/Disable emails

Email Template

  • Custom Header

  • Custom Body CSS

  • Custom Footer

Projects

  • Email Group Members on Project Creation

  • Email Project Team when Project is On-Hold

  • Email Project Team when Project is Off-Hold

  • Email Project Team on Daily Testing Start/Stop

  • Custom Email Body for Daily Start/Stop Testing Notifications

  • Additional email recipients for Daily Start/Stop Testing Notifications

  • Custom Email Body for Individual Vulnerability Notifications

  • Custom Email Body for Grouped Vulnerability Notifications

  • Additional Email Recipients for New Vulnerability Notifications

New User

  • Email Admins when New User is Created

  • Email New User with Welcome Message

  • Custom Email Body for New Registrations

  • Custom Email Subject for New Manually Created/Invited User

  • Custom Email Body for New Manually Created/Invited User

Custom Emails

Admin Updates

  • Configure Daily Admin updates

  • Configure Weekly Admin updates

Security

  • Email User on Change of IP Address from Last Login

Login and Security

Login Methods

  • Enable local accounts

  • Configure Single-Sign-On (SSO) Profile 1

  • Configure Single-Sign-On (SSO) Profile 2

  • Enforce AttackForge MFA on Admin SSO Logins

  • Auto-Redirect to SSO from Login Page

  • Enable Password Reset

  • Enable Simultaneous User Sessions

  • Session Timeout (in minutes)

  • Custom Login Message

Registration

  • Configure self-registration settings

Security

  • Disable Inactive Non-Admin Users settings

  • Blacklisted Extensions for File Upload

Users

  • Default Roles for New Users

Preferences

  • Date format

  • Work week

Logos

  • Login and Report Logo

  • Sidebar Logo

Colors

  • Login Page Background Color

  • Login Page Primary Button Color

  • Login Page Secondary Button Color

  • Sidebar Header Background Color

  • Sidebar Menu Background Color

  • Sidebar Menu Active Item

  • HTML Report Title Background Color

  • PDF Report Title Background Color

PreviousRaising Support TicketsNextSecurity

Last updated

Check YouTube for more tutorials: https://youtube.com/@attackforge