Retesting & Remediation

Overview

AttackForge tracks the remediation history for all vulnerabilities - from Open, to Retesting & Closed. This helps to understand the status of a vulnerability - at any point in time - when you or the customer needs it.

Every vulnerability has its own history which contains remediation notes, to help track what remediation actions were performed, when and by whom.

AttackForge also tracks every round of retesting that has been requested or performed against the project, with automations to make the process simple & fast.

Add Remediation Notes

Any project team member can add remediation notes to a vulnerability. This can be used by engineering teams when updating the remediation actions performed on the vulnerability, or by pentesters when documenting observations during a retest.

To view remediation notes, navigate to the vulnerability page and click on the Remediation icon on the right hand side.

To add a remediation note, navigate to the vulnerability page and click on the Remediation icon on the right hand side, then click Add Note.

To bulk add remediation notes, select the vulnerabilities and then click Add Remediation Note from the actions menu.

Remediation Plan

If the Remediation Plan field is enabled (see Administration module), project team members can update the remediation plan for any of the vulnerabilities. This is useful to ensure that vulnerabilities are acknowledged by technical teams, and that a plan for when those vulnerabilities will be fixed or addressed is captured.

Every remediation plan includes a countdown tracker to make it easy to identify and action vulnerabilities which are getting close to, or have already exceeded, their remediation plan dates.

Once a remediation plan is saved, the vulnerability tracks its Target Remediation Date.

Assign Vulnerabilities for Retesting

Any project team member can assign a vulnerability for retesting. This can be used by engineering teams to indicate that a vulnerability has been resolved and can now be retested.

You can assign a vulnerability for retesting by clicking on Update Status from the vulnerability page.

You will be prompted to enter an optional remediation note. This helps the security team understand what fixes have been put in place, and indicates that the vulnerability is now ready for retesting.

You can view the remediation history by clicking on the Remediation button on the vulnerability page.

You can also bulk assign vulnerabilities for retesting.

Request a Retest

After you have flagged vulnerabilities as ready for retesting on a project, you can request a round of retesting to be performed.

To request a round of retesting, click on Retesting from the project menu, then click on Request Retest.

Select the date when the retest will be ready to commence.

Select the vulnerabilities you would like to include in this round of retesting. You can only select from vulnerabilities which are currently flagged as Ready for Retest.

Click Request Retest when ready.

After submitting the request, you will receive a confirmation email. The administrators will also be notified of your request.

You will also see your request registered as a new round.

Perform a Retest

Once a retest has been requested, the pentesters/consultants can commence the retesting. The vulnerabilities in-scope for the retest can be accessed from the Retesting section on the project.

Click on a vulnerability to navigate to the vulnerability page.

From here, use the menu to perform the following functions. Note you will need to have Edit permissions on the project.

  • View Remediation Notes - to understand what steps have been taken to mitigate this issue.

  • Upload Evidence - upload screenshots and proof of the findings/observations from the retest.

  • Add Remediation Note - add further remediation notes to include the findings/observations from the retest.

  • Re-Open Vulnerability - re-open the vulnerability if it is deemed to be not fixed.

  • Close Vulnerability - close the vulnerability if it is deemed to be fixed.

Once you have performed the retest for all the in-scope vulnerabilities, click on Complete Round from the actions menu for the round of retesting you are working on. An email notification will be sent to the project team to inform them that the retest is now completed. A record of the retested vulnerabilities will also be visible on the project and accessible in reports.

Tracking Retesting

You can track retesting history on a project by simply viewing the project dashboard page.

You can keep track of all retests on your projects by clicking on Retesting View from the projects module.

Here you will find a list of all your projects, with sortable columns at the end (far right) showing:

  • number of vulnerabilities flagged for retesting on the project;

  • number of rounds of retesting requested on the project;

  • number of rounds of retesting completed on the project.

You can click on any of the numbers in order to drill-down to the details.

Cancelling a Retest

Administrators and the person who requested a retest can cancel it if it is no longer required. Once a retest has been cancelled, no further actions can be taken for that round - however a new round can always be requested.

All in-scope vulnerabilities for the cancelled round of retesting will be reset back to Open status. A remediation note will also be created to track the status change caused by the cancelled retest.

You can cancel a retest by clicking on Cancel Round from the actions menu.
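The sections above (Remediation Plan, Assign Vulnerabilities for Retesting, Request a Retest, Perform a Retest, Tracking Retesting and Cancelling a Retest) describe one workflow: a vulnerability moves from Open to Ready for Retest, is pulled into a retest round, and is then Closed or Re-Opened by the tester, with every change recorded as a remediation note. The model below is an added example written for this page, not AttackForge code or its API: the statuses, the rule that only Ready-for-Retest vulnerabilities can enter a round, the countdown on the Target Remediation Date, the three Retesting View counters and the reset-to-Open-with-a-note behaviour on cancellation come from the text; the class and method names, the requirement that every in-scope vulnerability has a verdict before a round is completed, and the admin/requester check on cancellation are assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from datetime import date
from enum import Enum


class Status(Enum):
    OPEN = "Open"
    READY_FOR_RETEST = "Ready for Retest"
    RETESTING = "Retesting"
    CLOSED = "Closed"


@dataclass
class Note:              # one remediation note: what was done, when and by whom
    when: date
    who: str
    text: str


@dataclass
class Vulnerability:
    title: str
    status: Status = Status.OPEN
    target_date: date | None = None          # Target Remediation Date from the plan
    history: list[Note] = field(default_factory=list)

    def add_note(self, who: str, text: str, when: date) -> None:
        self.history.append(Note(when, who, text))

    def set_plan(self, who: str, target: date, when: date) -> None:
        self.target_date = target
        self.add_note(who, f"Remediation plan: target {target.isoformat()}", when)

    def days_remaining(self, today: date) -> int | None:
        """Countdown tracker: negative once the plan date has been exceeded."""
        return None if self.target_date is None else (self.target_date - today).days

    def assign_for_retest(self, who: str, when: date, note: str | None = None) -> None:
        """Engineering flags the fix as ready; the note is optional, as in the UI."""
        if self.status is not Status.OPEN:
            raise ValueError(f"{self.title}: only Open vulnerabilities can be flagged")
        self.status = Status.READY_FOR_RETEST
        if note:
            self.add_note(who, note, when)


@dataclass
class RetestRound:
    number: int
    requested_by: str
    start: date                      # date the retest is ready to commence
    scope: list[Vulnerability]
    state: str = "requested"         # requested -> completed | cancelled


class Project:
    def __init__(self) -> None:
        self.vulns: dict[str, Vulnerability] = {}
        self.rounds: list[RetestRound] = []

    def add(self, v: Vulnerability) -> Vulnerability:
        self.vulns[v.title] = v
        return v

    def request_retest(self, who: str, titles: list[str], start: date) -> RetestRound:
        """Only vulnerabilities currently flagged Ready for Retest may be selected."""
        scope = [self.vulns[t] for t in titles]
        not_ready = [v.title for v in scope if v.status is not Status.READY_FOR_RETEST]
        if not_ready:                 # reject the whole request; nothing is mutated
            raise ValueError(f"not flagged Ready for Retest: {not_ready}")
        for v in scope:
            v.status = Status.RETESTING
        rnd = RetestRound(len(self.rounds) + 1, who, start, scope)
        self.rounds.append(rnd)
        return rnd

    def _active(self, rnd: RetestRound) -> None:
        if rnd.state != "requested":  # no further actions on a completed/cancelled round
            raise ValueError(f"round {rnd.number} is {rnd.state}; request a new round")

    def retest_result(self, rnd: RetestRound, v: Vulnerability, who: str,
                      fixed: bool, observation: str, when: date) -> None:
        """Tester's verdict: Close if fixed, Re-Open otherwise, with a note either way."""
        self._active(rnd)
        if not any(v is s for s in rnd.scope):
            raise ValueError(f"{v.title} is not in scope for round {rnd.number}")
        v.add_note(who, observation, when)
        v.status = Status.CLOSED if fixed else Status.OPEN

    def complete_round(self, rnd: RetestRound) -> list[str]:
        self._active(rnd)
        pending = [v.title for v in rnd.scope if v.status is Status.RETESTING]
        if pending:                   # assumption: every in-scope item needs a verdict first
            raise ValueError(f"still being retested: {pending}")
        rnd.state = "completed"
        return [f"{v.title}: {v.status.value}" for v in rnd.scope]   # record for reports

    def cancel_round(self, rnd: RetestRound, who: str, when: date, is_admin: bool = False) -> None:
        if not is_admin and who != rnd.requested_by:
            raise PermissionError("only an administrator or the requester can cancel")
        self._active(rnd)
        for v in rnd.scope:           # everything in scope goes back to Open, with a note
            v.status = Status.OPEN
            v.add_note(who, f"Round {rnd.number} cancelled; status reset to Open", when)
        rnd.state = "cancelled"

    def retest_summary(self) -> dict[str, int]:
        """The three Retesting View columns for this project."""
        return {
            "flagged": sum(v.status is Status.READY_FOR_RETEST for v in self.vulns.values()),
            "requested": len(self.rounds),
            "completed": sum(r.state == "completed" for r in self.rounds),
        }
```

The request check in `request_retest` validates the whole selection before changing any status, so a mixed selection is refused rather than partially applied, which mirrors the UI only offering Ready-for-Retest items for selection. `history` is append-only, so the audit trail of notes survives both re-opening and cancellation.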

Check YouTube for more tutorials: https://youtube.com/@attackforge