Portfolios

Overview

Portfolios help you to create dedicated programs to track and manage your security testing activities. Want to know how your internal systems compare to your external systems? Or wanting to track security posture for your applications? Portfolios makes this easy!
Each portfolio comes with Work Streams (Streams). Streams help you to consolidate all of your related testing activities for a portfolio, for example:
    Portfolio: Internet Banking
      Work Stream 1: Web Application
        Project 1: Internet Banking Web App Pentest Q1 2021
        Project 2: Internet Banking Web App Pentest Q2 2021
        Project 3: Internet Banking Web App Pentest Q3 2021
      Work Stream 2: Mobile Application
        Project 1: Mobile Banking Pentest Q1 2021
        Project 2: Mobile Banking Pentest Q2 2021
        Project 3: Mobile Banking Pentest Q3 2021
Portfolios and Streams can help you track Business-as-Usual (BAU) pentesting and help you to better understand where to focus your time and resources more effectively.
Projects can be assigned to many streams and portfolios. This can help to ensure you are tracking the right vulnerabilities, across your enterprise. Using example above, vulnerabilities in project API Pentest Q1 2021 might be relevant to both Internet Banking & Mobile Banking applications - therefore could be assigned to both streams.
Every Portfolio and Stream has a unique dashboard which includes details on vulnerabilities, projects & assets - helping you make more informed business decisions when it comes to tracking and remediation.
Portfolios is currently only available to Administrators on AttackForge Enterprise.

Creating a Portfolio

Start by clicking on Portfolios module in your main menu. You must be an Administrator.
Click on page menu and select Create New Portfolio
Complete the details for your portfolio.
You can add a work stream by clicking on Add Stream. Enter a name for your stream, and link any existing projects to the stream (optional).
You can create as many streams as you need. You can also update this later on.
Once finished, click Create New Portfolio.

Linking Projects to Streams

You can add new projects to Portfolios & Streams from the Portfolio Edit page.
To edit a Portfolio, use the page menu to select Edit Portfolio.
You can create new streams and link associated projects, or you can update existing projects on existing streams.
You can also associate a project with one or more Portfolios & Streams at time of project creation or approval; or when editing a project.
Last modified 2mo ago