# 2026 ## 5 March 2026 ### Build Your Own Custom Workflows - In The UI! The team at AttackForge are incredibly excited to bring you.. **Actions**! 🤩🤩 [Actions](https://support.attackforge.com/attackforge-enterprise/actions) enable you to *build your own custom workflows* into the AttackForge application user interface, and trigger those workflows with a *simple button click*. With the newest addition of Actions, this completes our mission to empower our customers with ***Automation - Anytime, Anywhere, by Anyone!*** You can now create Workflow Automations in AttackForge from: * **Internal Events** - e.g. when a vulnerability is created or updated * **External Events** - e.g. when changes happen in other systems or scripts * **Scheduled Events** - e.g. run automations hourly, daily, weekly, or a custom frequency * ***NEW*** **Actions** - e.g. when a user clicks on an Action within the app And best of all - these Workflow Automations are *built directly into AttackForge*! Meaning: * No need for complex middleware, or scripts running on *someones* machine * Full visibility and control into what your automations are doing at every step * No additional assets or infrastructure to procure and manage * Auditability and access controls across all automations, including secrets management!

You can create Actions to *help you*: * **Build custom workflows for your teams** * **Trigger a process automation** * **Launch an integration with an external system** Examples of Actions could include: * *Request a QA review / Approve a QA review* * *Launch scans within your security tooling* * *Create bulk actions which do not currently exist* * *Trigger a custom vulnerability risk acceptance workflow* * *Enable low-privileged users to perform isolated privileged tasks* * *Export data on-demand* * *Run custom reports and email the results* * *Anything you can imagine* 😄

Actions can be created and accessed within any of the following entities: 1. [Project Request(s)](https://support.attackforge.com/attackforge-enterprise/getting-started/requesting-a-project) 2. [Project(s)](https://support.attackforge.com/attackforge-enterprise/getting-started/creating-and-managing-projects) 3. [Project Vulnerability(s)](https://support.attackforge.com/attackforge-enterprise/getting-started/creating-vulnerabilities) 4. [Project Test Case(s)](https://support.attackforge.com/attackforge-enterprise/getting-started/test-cases) 5. [Portfolio(s)](https://support.attackforge.com/attackforge-enterprise/modules/portfolios) 6. [Portfolio Stream](https://support.attackforge.com/attackforge-enterprise/modules/portfolios) 7. [Group(s)](https://support.attackforge.com/attackforge-enterprise/modules/groups) 8. [Asset(s)](https://support.attackforge.com/attackforge-enterprise/modules/assets) 9. [Writeup(s)](https://support.attackforge.com/attackforge-enterprise/modules/vulnerability-library) 10. [User(s)](https://support.attackforge.com/attackforge-enterprise/modules/users) 11. [Application](https://support.attackforge.com/attackforge-enterprise/actions#application-actions) When triggering an Action, a confirmation dialogue will appear. You can also access more information in the `README`

After you click on `Run` - the Action will be triggered and it will show in your `Action Runs Manager`. From here, you can monitor the status of your triggered Action.

You can click on the status to see more information:

You can also build `Application Actions`. These Actions relate to the application itself, they are not tied to any particular entity such as a Project, Vulnerability or Asset. You can use Application Actions *at any time* - regardless of what access you have to other data and workflows in AttackForge. This makes them ideal for ***personal workflows***, or ***delegating privileged workflows*** to lower-privileged users.

Actions are powered by [Flows](https://support.attackforge.com/attackforge-enterprise/modules/flows). Flows is AttackForge's **powerful Workflow Automation engine**, allowing users to *create completely custom workflows, automations and integrations*. Flows is powered by [AFScript](https://support.attackforge.com/attackforge-enterprise/afscript) - AttackForge's **easy-to-use scripting language**, creating *infinite possibilities* with your Actions and Flows! Actions can be linked to multiple Flows - meaning many workflows can be triggered from one single Action. > Coming Soon! You can share your Actions, and also create Custom Forms on Actions! ### Project Scope Assets Improvements We've significantly improved on how you can interact with assets on a project! 🥳 We've improved the project scope assets interface to make it easier to work with data. You can now add scope and import assets directly when creating or editing vulnerabilities - without leaving the page, reducing friction when working on vulnerabilities:

Importing assets now support list imports where you can copy/paste a delimited list of assets to import:

You can now view full asset information (including components) directly from the vulnerabilities table. We've added advanced filtering on all asset related tables within a project. You can also manage project scope assets anywhere within a project where scope assets can be selected. We've also extended the *Quick Select* and *Table* options to all places for filtering and selecting assets. ### Review Notes In More Places In recent updates, we've focused on making quality assurance reviews ✅ *faster and easier* in AttackForge. In this update, we've extended [Review Notes](https://support.attackforge.com/attackforge-enterprise/getting-started/reviewing-and-qa-vulnerabilities) to **Writeups** and **Test Cases on Test Suites**:

### Table Custom Field Improvements We've powered up Table Custom Fields! 💪 You can now use *Rich-Text fields in Table Custom Fields*. This is ideal when you need a list of Rich-Text context, such as **Narratives, Timelines, Notes, and more**.

We've also added support for ***List*** fields in Table Custom Fields too! You can also control which fields need to be displayed when viewing the table. We've also improved Table Custom Field features to support filtering for all columns, as well as `Export to CSV`. We've also improved the user experience when viewing and editing rows of data within the table. ### Improvements In Analytics We've enhanced all of the `Top 10 Analytics` to now include more details!

### New AI Testing Methodologies If you're currently or planning to do `AI pentesting` - look no further! 👀 We've added two more AI pentesting methodologies, in addition to the existing [**MITRE ATLAS Framework**](https://github.com/AttackForge/TestSuites/blob/main/MITRE/ATLAS/mitre_atlas_4.8.0_testcases.json): * [**OWASP AI Testing Guide**](https://github.com/AttackForge/TestSuites/blob/main/OWASP/AITG/owasp_ai_testing_guide_2026.json) - The OWASP AI Testing Guide (AITG) is an open-source, community-driven framework providing standardized methodologies to test the trustworthiness, security, and reliability of AI and LLM systems. It offers comprehensive, actionable test cases across four key layers—Application, Model, Data, and Infrastructure—to help developers and auditors manage AI-specific risks like prompt injection and bias. * [**OWASP LLM Top 10**](https://github.com/AttackForge/TestSuites/blob/main/OWASP/Top%2010/OWASP-LLM-Applications-Top-10-2025.json) - The OWASP Top 10 for Large Language Model (LLM) Applications is a comprehensive framework identifying the most critical security risks when integrating LLMs into applications. It focuses on unique vulnerabilities like prompt injection, insecure output handling, and training data poisoning, serving as a guide for developers and security professionals to build, deploy, and manage LLMs securely.

### ReportGen Updates We're always improving on our kick-ass reporting engine - **ReportGen** 🥋 #### New Filters * [**Declare**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#declare) - You can declare variables in-line using values from tags directly. * [**Assign**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#assign) - You can assign a new value to a variable in-line using values from tags directly. * [**DateAdd**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#dateadd) - You can add units of time to a date. * [**DateSubtract**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#datesubtract) - You can subtract units of time to a date. * [**DateDiff**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#datediff) - You can diff the time between dates. * [**Increment**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#datediff) - You can increment a number by 1 or a specified integer. * [**Multiply**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#datediff) - You can multiply a number by a specified integer. * [**Drop**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#drop) - You can use drop to prevent a value from showing. #### New Functions * [**$range**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-functions#usdrange) - Use this function to create a range of data which you can iterate over. * [**$dateRange**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-functions#usdrange) - Use this function to create a range of dates which you can iterate over. * [**$dateDiff**](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-functions#usdrange) - Use this function to perform a diff between two dates. #### [dateFormat Filter](https://support.attackforge.com/attackforge-enterprise/modules/reporting/template-filters#dateformat) Now Supports Timezone Offset #### Sort Test Cases Using Custom Order ### UX Improvements #### Export User Access Lists to CSV You can now export all user access directly to CSV in `Users > (select user) > Access`. #### Non-Admins Can Now Link/Re-Assign Vulns To Other Projects #### Attack Chains Get New Tactics We've added `Reconnaissance` and `Resource Development` to the Attack Chains. ### ServiceNow - Vulnerability Response Integration We're committed to supporting our customers with integrating all of their offensive security testing into their enterprise ecosystem! 🎯 Previously we released an [integration with ServiceNow Incidents](https://support.attackforge.com/attackforge-enterprise/modules/flows#create-servicenow-incident). In this release, we've created a bi-directional integration with [ServiceNow Vulnerability Response](https://www.servicenow.com/au/products/vulnerability-response.html) to help you: * Automatically create Vulnerability Response (VR) findings from new vulnerabilities * Automatically sync statuses between VR findings and vulnerabilities You can read more about these [Flows on our Support Portal](https://support.attackforge.com/attackforge-enterprise/modules/flows#examples). Or import these Flows into your AttackForge from our [Flows GitHub Repository](https://github.com/AttackForge/Flows).

### AI MCP Updates #### New Tools We only recently introduced [AI MCP](https://support.attackforge.com/attackforge-enterprise/modules/ai-model-context-protocol-mcp) and we're already supercharging it to keep up with new ways our customers are *plugging in their own AI tools into AttackForge* to get real work done, fast! ✨ * [**get\_file**](https://support.attackforge.com/attackforge-enterprise/modules/ai-model-context-protocol-mcp#get-file) - The Get File tool can be used to get the metadata and binary content of an AttackForge File by supplying its id. This is useful for retrieving evidence files attached to Vulnerabilities or files attached to Writeups. > If you missed [our release on AI Model Context Protocol (MCP)](https://support.attackforge.com/release-notes/2025#id-19-december-2025) - make sure to check it out to see how you can work smarter, not harder! ### Flows Updates We've made our Workflow Automation Engine [Flows](https://support.attackforge.com/attackforge-enterprise/modules/flows) even better! 🤖 #### New Events * [**project-reporting-updated**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/project-reporting-updated) - Handle event when Project Reporting page is updated. * [**project-reporting-file-uploaded**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/project-reporting-file-uploaded) - Handle event when a file is uploaded to the Project Reporting page. * [**project-summary-updated**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/project-summary-updated) - Handle event when Project Summary page is updated. * [**project-summary-file-uploaded**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/project-summary-file-uploaded) - Handle event when a file is uploaded to the Project Summary page. * [**vulnerability-remediation-note-file-uploaded**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/vulnerability-remediation-note-file-uploaded) - Handle event when a file is uploaded to a Vulnerability Remediation Note. #### Updates to Events * [**project\_created**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/project-created) - Added `"project_request_id"` to the payload. * [**project\_updated**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/project-updated) - Added `"project_request_id"` to the payload. * [**vulnerability\_created**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/vulnerability-created) - Added `"vulnerability_library_id"` to the payload. * [**vulnerability\_updated**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-events-api/vulnerability-updated) - Added `"vulnerability_library_id"` to the payload. ### AFScript Updates We've powered-up 🔋 our in-app scripting language [AFScript](https://support.attackforge.com/attackforge-enterprise/afscript) to make writing scripts even easier! #### New Functions * [**String.match()**](https://support.attackforge.com/attackforge-enterprise/afscript#strings) - Use this function to perform a match against a regular expression. * [**String.matchAll()**](https://support.attackforge.com/attackforge-enterprise/afscript#strings) - Use this function to perform a match against a regular expression, and return all results. ### Self-Service API Updates We're always improving our Self-Service APIs to make automations and integrations even easier! 💪 #### New REST APIs * [**UpdateProjectRequestAccess**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/updateprojectrequestaccess) - Patch the ACL (Access Control List) on a Project Request. * [**UpdateProjectAccess**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/updateprojectaccess) - Patch the ACL (Access Control List) on a Project. #### Updates to REST APIs * [**UpdateVulnerability**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/updatevulnerability) - now supports `"reason"` on status changes. * [**UpdateVulnerabilityWithLibrary**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/updatevulnerabilitywithlibrary) - now supports `"reason"` on status changes. * [**GetVulnerabilities**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getvulnerabilities) - now supports `"resolution"` in *Advanced Query Filter (Q filter)* and `"vulnerability_resolution_type"` in vulnerability response. * [**GetVulnerability**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getvulnerability) - now supports `"vulnerability_resolution_type"` in vulnerability response. * [**GetVulnerabilitiesByAssetName**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getvulnerabilitiesbyassetname) - now supports `"vulnerability_resolution_type"` in vulnerability response. * [**GetVulnerabilitiesByGroup**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getvulnerabilitiesbygroup) - now supports `"vulnerability_resolution_type"` in vulnerability response. * [**GetProjectVulnerabilities**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getprojectvulnerabilities) - now supports `"vulnerability_resolution_type"` in vulnerability response. * [**GetProjectsAndVulnerabilities**](https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getprojectsandvulnerabilities) - now supports `"vulnerability_resolution_type"` in vulnerability response.