New Release: January 2021
Welcome to our first update in 2021. Hope everyone had a good break and we wish you prosperous and, most importantly – healthy year ahead!
This update is quite big. Even BIG 😉.
The focus of our engineering team this time was on the improvement of User Experience. I will elaborate on a few of the changes. For the full list of changes, you can find this in the usual place – on our Support site.
Scheduling
When one schedules a pentest and assigns a pentester to work on the project - it is good to know if that pentester has been already booked for another project. Double booking is not good for business, and … upsets … pentesters. We’ve been there, on all three sides – those who were double-booked, those who double-book, and those who were serviced by double-booked pentesters. Not good. So our engineering team added an availability checker to the screen when pentesters are being assigned to projects. We also included a Calendar view for good measure – just to make sure that double-booking is easy to avoid.
Project roles
Our vision of AttackForge is focused on collaboration. Collaboration between security people, engineers, and business. This is why all AttackForge Enterprise plans have unlimited users. We want you to get as many people are you need to collaborate on your pentests.
Our clients, who had used AttackForge for some time now & collaborate intensely, came back with a feature request – to see who is performing what role on the project. There are many people involved. Some of them are pentesters, security managers, business reps, engineers and architects, project managers, SOC analysts. It helps to understand each other roles when you work on a project.
Now you can do it – just assign an appropriate role and the team will see it.
Oh! It does not affect the level of access to the project. Access must be granted explicitly either through groups membership, or project access functionality.
Custom Email Notifications on New Vulnerabilities
One of the most common pains for all involved with pentesting is that it is performed at the end of project delivery. Every minute of delay from GO-LIVE costs a lot of money in burn rate and opportunity cost. The earlier engineers can learn (and fix) what pentesters have found – the happier the business is.
This update allows you to create a custom notification emails for the new vulnerability discovered to be sent to the project team, immediately on discovery.
You can also send the emails to additional recipients which are not yet on the project team, such as SOC teams.
The are many meta tags that can be used. The full list and details are on our support site:
More updates:
Integration with Accunetix is added.
Login redirects is supported to help your users & customers access the AttackForge page they need, quickly and efficiently.
Projects OnHover Feature allows to view the project status/update by hovering over the project name.
New tags added to ReportGen, and offline diagnostic tool now available to help you with building your own custom ReportGen templates for AttackForge Enterprise.
Updates to Self-Service API.
Ability to order test suites and test cases.
And many others