AttackForge Community is a free-to-use collaboration platform to help you manage your own security & penetration testing projects and related activities.
- Create penetration testing projects & Track testing progress
- Add & Import vulnerabilities to your projects/pentests
- Access high-quality automated vulnerability reports on-demand & when you need them
- Create custom automated pentest reports using AttackForge ReportGen
- Collaborate with your project team
- Access analytics & trend analysis for your assets and vulnerabilities
- Export your vulnerabilities to JIRA or ServiceNow
- Request, Perform & Track Remediation Testing (Retesting)
AttackForge.com is purpose built to:
- help pentesters reduce the amount of time they spend doing things other than pentesting;
- provide customers with fast & easy access to vulnerabilities and analytics;
- help developers start remediating issues faster;
- give pentest teams ability to collaborate effectively and securely.
It is the first dedicated platform for Pentest Management – unlike other similar platforms or tools which focus on scanner aggregation or report generation only.
AttackForge.com can significantly increase actual time spent testing. It helps pentesters:
- create projects and give access to the client and developers or engineers so they can upload all necessary details & artefacts.
- easily and quickly raise new vulnerabilities. Leveraging the powerful built-in vulnerability library with 1300+ templates from Mitre CWE and CAPEC, it takes on average less than 30 seconds to add a vulnerability to your project/pentest.
- import vulnerabilities from your favourite tools including Nessus, BURP, Qualys, ZAP, OpenVAS & more.
- download high-quality reports on-demand - saving hours and days of reporting time & effort on every pentest.
- integrate reports in to your own custom reporting templates using AttackForge ReportGen.
- export vulnerabilities directly into JIRA or ServiceNow.
- collaborate with your team on private Slack channels.
AttackForge.com has other collaboration tools as well to make everyone’s lives easier – for pentesters and the client. This includes
- email notifications on start/stop testing daily;
- daily tracker for progress updates;
- calendar to schedule and plan upcoming projects;
- remediation tracking and audit trail for all vulnerabilities; and
- analytics to provide more insight across range of projects or pentests.
AttackForge.com integrates best practice testing methodologies & benchmarks from OWASP, OSSTMM, PTES & others - which helps clients understand what the pentester is actually testing and transparency on testing coverage; and also helps the pentester structure their testing.
Pentesters can also create their own methodologies for specific clients, projects, or benchmarks they prefer to work with.
AttackForge.com will improve communication, collaboration & transparency; as well as decrease time, effort & costs on your next pentest.