Retesting & Remediation Plan


AttackForge tracks the lifecycle of each vulnerability, from Open through Retesting to Closed, so you or the customer can see its status at any point in time.
Every vulnerability has its own audit trail which contains remediation notes, to help track what remediation actions were performed, by whom and when.
AttackForge also tracks every round of retesting that has been requested or performed against the project, with automations to make the process simple & fast.

Add Remediation Notes

Any project team member can add remediation notes to a vulnerability. This can be used by developers when updating the remediation actions performed on the vulnerability, or by pentesters when documenting observations during a retest.
To add a remediation note, navigate to the vulnerability page and use the menu to select Add Remediation Note.
The remediation notes can be viewed from the vulnerability page by clicking on the Remediation Notes tab. Remediation Notes are ordered by date, newest first.
You can also view remediation notes by downloading the on-demand reports.
Remediation notes are synchronised with JIRA in both directions: notes added in AttackForge are exported to the linked JIRA issue, and notes added in JIRA are imported into AttackForge.

Remediation Plan

Any project team member can update the remediation plan for vulnerabilities. This allows teams to track when vulnerabilities are planned to be addressed by the engineering teams.
Every remediation plan includes a countdown tracker to make it easy to identify and action vulnerabilities which are getting close to, or have already exceeded, their remediation plan dates.
Administrators can enable this functionality via the Administration module.
The remediation plan can be updated when viewing a vulnerability, or for many vulnerabilities at once via bulk updates.
Every remediation plan includes a target remediation date and optional supporting details, for example the authority who approved the plan.

Mark Vulnerabilities for Retesting

Any project team member can flag a vulnerability for retesting. This can be used by developers when indicating that an issue has been resolved and can now be retested.
You can individually mark a vulnerability for retesting by clicking on Ready for Retesting from the vulnerability page menu.
You will be prompted to enter an optional remediation note; use it to tell the security team what fixes have been put in place, so they know what to verify during the retest.
The vulnerability's status indicator will change to yellow, and the vulnerability will show as Ready for Retest within the application.
A remediation note will also appear to indicate when the vulnerability was flagged as ready for retesting, and by whom.
If you need to flag multiple vulnerabilities as ready for retesting, you can use the bulk update action from the vulnerabilities page menu.

Request a Retest

After you have flagged vulnerabilities as ready for retesting on a project, you can request a round of retesting to be performed.
To request a round of retesting, click on Retesting from the project dashboard menu.
From the Retesting section on the project, use the page menu to select Request Retest. Note that any project team member can request a retest.
Select the date when the retest will be ready to commence.
Select the vulnerabilities you would like to include in this round of retesting. You can only select from vulnerabilities which are currently flagged as Ready for Retest.
Click Submit Request when ready.
After submitting the request, you will receive a confirmation email. The AttackForge administrators will also be notified of your request.
You will also see your request registered as a new round.

Perform a Retest

Once a retest has been requested, the pentesters/consultants can commence the retesting. The vulnerabilities in scope for the retest can be accessed from the Retesting section on the project, accessible from the project menu.
Click on a vulnerability to navigate to the vulnerability page.
From here, use the menu to perform the following functions. Note that you will need Edit permissions on the project to do so.
  • View Remediation Notes - to understand what steps have been taken to mitigate this issue.
  • Upload Evidence - upload screenshots and proof of the findings/observations from the retest.
  • Add Remediation Note - add further remediation notes to include the findings/observations from the retest.
  • Re-Open Vulnerability - re-open the vulnerability if it is deemed to be not fixed.
  • Close Vulnerability - close the vulnerability if it is deemed to be fixed.
Once you have retested all the in-scope vulnerabilities, click on Retest Completed from the actions menu for the round of retesting you are working on. An email notification will be sent to the project team to inform them that the retest is complete. A record of the retested vulnerabilities remains visible on the project and is also included in reports.

Tracking Retesting

You can keep track of all retests on your projects by clicking on Retesting module from the main navigation menu.
Here you will find a list of all your projects, with sortable columns at the far right showing:
  • the number of vulnerabilities flagged for retesting on the project;
  • the number of rounds of retesting requested on the project;
  • the number of rounds of retesting completed on the project.
You can click on any of the numbers in order to drill-down to the details.

Cancelling a Retest

Administrators, and the person who requested a retest, can cancel it if it is no longer required. Once a retest has been cancelled, no further actions can be taken for that round; a new round can always be requested.
All vulnerabilities in scope for the cancelled round are reset to Open status, and a remediation note is created on each to record the status change caused by the cancellation.
You can cancel a retest by clicking on Cancel Retest from the actions menu.
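The lifecycle rules spread across the sections above (flagging a vulnerability Ready for Retest, requesting a round from only those vulnerabilities, closing or re-opening during the retest with Edit permission, completing a round, and cancelling a round so that its vulnerabilities reset to Open with an audit note) fit in a small state model. The following is an added example, not AttackForge's own code and not a call to its API. The round state names (Requested, Completed, Cancelled), the tuple layout of the audit trail, and the VULN-1/VULN-2 sample data are assumptions constructed for illustration. It also carries the remediation plan countdown from the Remediation Plan section (days until the target date, negative when overdue).

```python
from dataclasses import dataclass, field
from datetime import date, datetime
from enum import Enum


class Status(Enum):
    OPEN = "Open"
    READY_FOR_RETEST = "Ready for Retest"
    CLOSED = "Closed"


@dataclass
class Vulnerability:
    vid: str
    status: Status = Status.OPEN
    target_date: date = None                    # remediation plan target date, if any
    notes: list = field(default_factory=list)   # audit trail: (author, text, when), newest first

    def add_note(self, author, text, when):
        self.notes.insert(0, (author, text, when))

    def days_remaining(self, today):            # countdown tracker: negative means overdue
        return None if self.target_date is None else (self.target_date - today).days


@dataclass
class RetestRound:
    round_id: int
    requested_by: str
    start_date: date                            # date the retest is ready to commence
    vuln_ids: list
    state: str = "Requested"                    # assumed names: Requested -> Completed | Cancelled


class Project:
    def __init__(self, admins):
        self.admins, self.vulns, self.rounds = set(admins), {}, []

    def mark_ready(self, vid, user, when, note=""):
        v = self.vulns[vid]                     # any team member may flag; the flag is itself a note
        v.status = Status.READY_FOR_RETEST
        v.add_note(user, f"Flagged as Ready for Retest. {note}".strip(), when)

    def request_retest(self, user, start, vids):
        not_ready = [v for v in vids if self.vulns[v].status is not Status.READY_FOR_RETEST]
        if not_ready:                           # only Ready for Retest vulns may join a round
            raise ValueError(f"not flagged Ready for Retest: {not_ready}")
        rnd = RetestRound(len(self.rounds) + 1, user, start, list(vids))
        self.rounds.append(rnd)
        return rnd

    def record_verdict(self, vid, user, when, note, fixed, can_edit=True):
        if not can_edit:                        # Close / Re-Open need Edit permission on the project
            raise PermissionError("Edit permission on the project is required")
        v = self.vulns[vid]
        v.status = Status.CLOSED if fixed else Status.OPEN
        v.add_note(user, note, when)

    def end_round(self, round_id, user, when, cancelled=False):
        rnd = self.rounds[round_id - 1]
        if rnd.state != "Requested":            # Completed and Cancelled are terminal
            raise RuntimeError(f"round {round_id} is {rnd.state}; no further actions allowed")
        if not cancelled:                       # the "Retest Completed" action
            rnd.state = "Completed"
            return
        if user != rnd.requested_by and user not in self.admins:   # "Cancel Retest": requester or admin
            raise PermissionError(f"{user} may not cancel round {round_id}")
        rnd.state = "Cancelled"
        for vid in rnd.vuln_ids:                # every in-scope vuln resets to Open, with a note
            self.vulns[vid].status = Status.OPEN
            self.vulns[vid].add_note(user, f"Reset to Open: retest round {round_id} cancelled", when)


def demo():
    # Constructed data: one project walked through a completed round and a cancelled one.
    today, t = date(2024, 6, 1), datetime(2024, 6, 1, 9, 0)
    p = Project(admins={"alice"})
    p.vulns["VULN-1"] = Vulnerability("VULN-1", target_date=date(2024, 6, 15))
    p.vulns["VULN-2"] = Vulnerability("VULN-2", target_date=date(2024, 5, 20))   # already overdue
    p.mark_ready("VULN-1", "dev", t, "Patched input validation")
    try:
        p.request_retest("dev", today, ["VULN-1", "VULN-2"])    # VULN-2 is still Open
        mixed_rejected = False
    except ValueError:
        mixed_rejected = True
    r1 = p.request_retest("dev", today, ["VULN-1"])
    p.record_verdict("VULN-1", "pentester", t, "Retest: fix confirmed", fixed=True)
    p.end_round(r1.round_id, "pentester", t)
    p.mark_ready("VULN-2", "dev", t)
    r2 = p.request_retest("dev", today, ["VULN-2"])
    p.end_round(r2.round_id, "alice", t, cancelled=True)       # admin cancels dev's round
    return {
        "mixed_request_rejected": mixed_rejected,
        "statuses": (p.vulns["VULN-1"].status.value, p.vulns["VULN-2"].status.value),
        "vuln2_latest_note": p.vulns["VULN-2"].notes[0][1],
        "round_states": (r1.state, r2.state),
        "countdown": (p.vulns["VULN-1"].days_remaining(today), p.vulns["VULN-2"].days_remaining(today)),
    }
```

Running demo() walks one project through both paths. The point the model makes explicit is that a vulnerability only leaves Ready for Retest through a pentester's verdict (which requires Edit permission) or through a cancellation, and both leave a remediation note, so the audit trail records every status change.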