August 2024 Release – User Experience Focused Release!
2024-08-29 Stas Filshtinskiy 2024-08-29 Stas Filshtinskiy

August 2024 Release – User Experience Focused Release!

This release is mainly focused on User Experience!

Here we have it:

  • Enhanced Image Support and File Management

  • File manager accessible within rich-text fields

  • New Pentest Report Template is Out!

  • Cloud Testing Methodologies added to the standard set of Test Suites.

  • Notifications on changed Writeups in a your writeup library

  • Invite User to AttackForge by Email Address

  • Advanced Table controls

  • Updates to Self-Service API

Read More
May 2024 Release – Another Release – yet another set of excellent features – and no hyped BS!
2024-05-31 Stas Filshtinskiy 2024-05-31 Stas Filshtinskiy

May 2024 Release – Another Release – yet another set of excellent features – and no hyped BS!

This release has two great parts.

Part I – a groundbreaking integration and a new set of features.
What is groundbreaking in another integration? Actually – this is the first ever integration between a Pentesting Management Platform and a Security Learning platform. I will have a separate blog post about it later this week.

Part II – usual extensive list of new features~
Here we go in no particular order:

- Project Test Case Custom Fields – enabling true Purple-Teaming
- Project Request workflow improvements (big ones!)
- New Time-Based custom email notification options
- New options for Import Vulnerabilities
- UX Enhancements
- Reporting updates
- Updates to Self-Service API

Read More
January 2024 Release – starting the year with a BANG!
2024-01-31 Stas Filshtinskiy 2024-01-31 Stas Filshtinskiy

January 2024 Release – starting the year with a BANG!

January 2024 Release - Starting year with a BANG!

This release is focused on Enterprise capabilities!

  • Asset Libraries - with access control and ability to import assets

  • Portfolios Enhancements - Portfolio module and analytics are now available for all users – with proper access controls

  • Current MITRE ATT&CK Testing Methodologies, MITRE CWE and CAPEC Vulnerability Libraries

  • And many more - see inside!

Read More
October 2023 Release – one of the biggest ever!
2023-10-30 Stas Filshtinskiy 2023-10-30 Stas Filshtinskiy

October 2023 Release – one of the biggest ever!

Our product team has outdone themselves.

Again!

Condensed list of new features can barely fit in two pages!

And all of that – in one quarter!

Some ten-times bigger organisations😉would deliver less in a year than AttackForge engineers did in a single quarter!

This is how great our engineers are!

Read More
AttackForge ReportGen CLI tool is out!
2023-09-06 Stas Filshtinskiy 2023-09-06 Stas Filshtinskiy

AttackForge ReportGen CLI tool is out!

Our engineers have released this new feature: AttackForge ReportGen Command Line Interface tool and the equivalent Node.js library.
Who and why would you need a non-interactive method of pentest report generation?
In fact - large AttackForge customers requested this feature. There are several benefits of having the ability to generate reports without interactive access to a portal.

Read More
July 2023 Release is out!
2023-07-30 Stas Filshtinskiy 2023-07-30 Stas Filshtinskiy

July 2023 Release is out!

While everyone is going to Las Vegas Summer camp - AttackForge launches July 2023 Release.

Here are some of the big features included in this release:

  • New and improved Workflows for Infrastructure Pentesting.

  • Huge update to ReportGen – new free templates, custom styles, new filters, and ReportGen GitHub Community site

  • Import of results from NMAP and Masscan

  • User Experience improvements

  • New functionality withing existing workflows
    - New Custom Field type – List
    - Ability to select vulnerabilities when exporting a projects’ JSON file
    - View Asset Module Data within Project Scope screen-

  • As always – updates to Self-Service API

Read More
April 2023 Release is out!
2023-03-17 Stas Filshtinskiy 2023-03-17 Stas Filshtinskiy

April 2023 Release is out!

This is the first release since AttackForge V2 was launched in January. What is your expectation – do you think our engineers slowed down after the V2?
No! This is another huge release filled to the brim with features!
Here are some of them:

  • Significant extension of Custom Fields capabilities

  • Ability to restrict access to reporting templates – now administrator could set who can access to which reporting templates.

  • Vulnerabilities could be linked between different projects.

  • Reports can be created against a hand-picked subset of vulnerabilities.

  • Updated ReportGen 2.6

  • Update to Qualys parser – to support the new format.

    And many other features.

Read More
Presenting AttackForge October 2022 Release!
2022-10-10 Stas Filshtinskiy 2022-10-10 Stas Filshtinskiy

Presenting AttackForge October 2022 Release!

We have been very busy the last three months!
Hacker Summer Camp in Las Vegas, road trip visiting our clients across the USA…

Great time, great food and – the most important – great feedback. Thank you everyone for your hospitality and you feedback!
So - here it is - our October 2022 release:

  • Delegations - making life easier for admins

  • Smart Vulnerability Imports - mapping your tools vulns to your library

  • Extended project cloning functionality

  • Improved analytics

  • Bulk adding of remediation notes

  • UX Improvements, as always 😊

  • Updates to Self-Service API - as usual

  • ReportGen 2.4

Read More
Presenting AttackForge July 2022 Release!
2022-07-17 Stas Filshtinskiy 2022-07-17 Stas Filshtinskiy

Presenting AttackForge July 2022 Release!

Presenting AttackForge July 2022 Release!

We launched new product last week – AttackForge Core: Action Pack, but that will be in the next post.

This post is about this release - we have delivered a lot over past two months!

The focus has been on enhancing the features that made AttackForge so valuable for our customers.

  • Advanced Email notification

  • Enhancing Test Suite module with execution flows, notes, and associated evidence.

  • New version of ReportGen

  • And much more - check inside!

Read More
AttackForge May 2022 Release is out!
2022-05-16 Stas Filshtinskiy 2022-05-16 Stas Filshtinskiy

AttackForge May 2022 Release is out!

Another exciting release this month!

  • Project Clone capabilities – how many times did we want to simplify running recurring rounds of pentesting?

  • ReportGen v2.2 - with updated filtering capabilities, concept of Parent object, and styles for Executive Summary

  • Executive Summary with Rich Text support, WYSIWYG in UI, and Review Notes for better QA!

  • More control of user accounts

  • UX Improvements

  • New configuration options

  • And – as always - updates to Self-Service API!

Read More
New Release: March 2022
2022-03-13 Stas Filshtinskiy 2022-03-13 Stas Filshtinskiy

New Release: March 2022

Another big release. A lot of great features for our customers!

  • We introduced Vulnerability SLAs and Remediation Plans – to help security managers and platform owners to track vulnerabilities and remediation activities against their organisation’s policies

  • Custom fields for Assets – to capture organisation specific information about assets, so it is easier to focus pentesting activities on the most critical assets

  • Another update to our best-of-breed reporting engine ReportGen – introduction of sophisticated logic and diagnostics – to further empower our customers

  • Improved Retest workflow

  • New configuration options for Single Sign-On with multiple Identity Providers

  • UX improvements across multiple modules

  • And – as always - updates to Self-Service API

Read More
Pandemic or New Year – AttackForge Release Must Go On!
2022-01-17 Stas Filshtinskiy 2022-01-17 Stas Filshtinskiy

Pandemic or New Year – AttackForge Release Must Go On!

Pandemic or New Year – AttackForge Release Must Go On!

Happy New Year and Happy New Release! This one is definitely big and full of great stuff!

  • Custom Vulnerability Libraries – to make sure that your vulnerability write-ups are easy to manage and control

  • Second generation of AttackForge famous ReportGen tool,

  • Introduction of endpoints to Assets – making tracking and remediation of vulnerabilities more granular and visible.

    And many more…

Read More
New Release: November2021
2021-11-08 Stas Filshtinskiy 2021-11-08 Stas Filshtinskiy

New Release: November2021

This release is all about User Experience and Customization!

  • Introduction of three distinct centralized Vulnerability Libraries

  • Custom forms, fields, and conditions

  • Group project access control management

  • Further improvements to global dashboard

  • Updates to ReportGen

  • Updates to Self-Service API

Read More
Part 4. People
2021-09-22 Stas Filshtinskiy 2021-09-22 Stas Filshtinskiy

Part 4. People

This purpose of this article is to identify the People component of the solution.

Let’s look at the list of roles necessary to implement the process and structure described in the second article

Read More