Presenting AttackForge October 2022 Release!
The last three months were busy. I mean good busy!
The AttackForge leadership team came to Hacker Summer Camp in Las Vegas. But before all the hype of Black Hat, and all the masks and queues of Defcon (you know what I mean if you were there) – we had a great time walking through Antelope Canyon, being amazed by the Grand Canyon, and kayaking on the Colorado River.
After Las Vegas we visited our clients in the USA – from the East to the West coast, and from the Canadian to the Mexican border. Great time, great food and – most importantly – great feedback. Thank you everyone for your hospitality! We learned a lot, and our new releases (including this one) will reflect that!
Ok. Let’s get back to October 2022 release.
The focus of this release is to make life easier for AttackForge administrators and senior pentesters:
Delegations
Administrators can now delegate specific privileged tasks to individual users. This offloads work from administrators and improves the efficiency of managing large pentesting programs.
Smart Vulnerability Imports
Imported vulnerabilities can be smart-mapped against approved vulnerability library writeups. This also allows different vulnerabilities to be consolidated into a single writeup!
Extended project cloning functionality
Project cloning functionality is extended to support project requests and multiple cloning options.
Improved analytics
Analytics can be filtered by excluding particular groups.
Bulk adding of remediation notes
When multiple vulnerabilities are being remediated, the same remediation notes often apply to all of them. This functionality makes that easy.
UX Improvements, as always 😊
Customisable projects table in Portfolios
New improvements to scheduling – in the User schedule module
Introduction of Global Pending Vulnerabilities in the global dashboard
Updates to Self-Service API
The Self-Service API keeps growing – we listen to the needs of our customers – and we add new endpoints and extend existing ones. Backwards compatibility is maintained.
ReportGen 2.4
New version of AttackForge ReportGen
Delegation
Administrators and privileged users of AttackForge are usually quite busy. So, naturally, delegation is needed. It reduces the burden on admins and privileged users and empowers trusted individuals with the autonomy to perform more tasks in AttackForge.
This release includes functionality for administrators to delegate the privileges required for specific tasks and workflows to other users of the AttackForge platform. Specific roles or individual users can be granted key privileges such as:
Create Projects
User(s) can create new projects, edit their projects, and manage access to their projects.
Action Pending Project Requests
User(s) can view, edit, approve, reject, and request information for all pending project requests.
Individual user delegations can be granted and managed via the Users module. Global delegations can be applied via the Administration module.
Smart Vulnerability Imports
Importing vulnerabilities from different tools can be… very laborious. Especially when you need to adjust the input from tools before it can be presented to the customers or business stakeholders.
So, our engineering team has implemented a new feature – smart mapping – giving pentesters greater control over how vulnerabilities are imported and mapped to existing writeups in the vulnerability library.
Smart import gives you options to:
Combine vulnerabilities into a single unique writeup
Ensure your imported vulnerabilities are matched against approved customer-ready write-ups
Speed up your quality assurance and review process
Keep your vulnerability library clean - reducing the number of duplicate and similar entries
For example, if you have three vulnerabilities related to misconfiguration of TLS:
SSL Version 2 and 3 Protocol Detection
TLS Version 1.0 Protocol Detection
TLS Version 1.1 Protocol Detection
And you want them to be presented as one writeup – Weak TLS Implementation – now you can do it with a single custom mapping expression!
It would take too much space to describe how powerful the mapping engine is – check our Support centre: https://support.attackforge.com/attackforge-enterprise/getting-started/creating-vulnerabilities#custom-import-mapping
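To make the consolidation idea concrete, here is an added example (not AttackForge code, and not its mapping expression syntax, which is documented at the link above) in which a hypothetical rule table maps the three legacy SSL/TLS findings onto one "Weak TLS Implementation" writeup, merging affected assets and keeping the highest severity, while an unmatched finding is left untouched.

```python
import re
from collections import OrderedDict

# Constructed sample import, shaped like a scanner export: (title, affected asset, severity).
IMPORTED_FINDINGS = [
    ("SSL Version 2 and 3 Protocol Detection", "web01.example.test:443", "High"),
    ("TLS Version 1.0 Protocol Detection", "web01.example.test:443", "Medium"),
    ("TLS Version 1.1 Protocol Detection", "web02.example.test:443", "Medium"),
    ("Missing HttpOnly Cookie Flag", "web02.example.test:443", "Low"),
]

# Hypothetical mapping rules: a regex on the imported title -> approved library writeup.
# Rules are tried in order; the first match wins.
MAPPING_RULES = [
    (re.compile(r"^(SSL Version 2 and 3|TLS Version 1\.[01]) Protocol Detection$"),
     "Weak TLS Implementation"),
]

SEVERITY_RANK = {"Low": 1, "Medium": 2, "High": 3, "Critical": 4}


def map_title(title):
    """Return the approved writeup for an imported title, or None if no rule matches."""
    for pattern, writeup in MAPPING_RULES:
        if pattern.search(title):
            return writeup
    return None


def consolidate(findings):
    """Group findings under their mapped writeup; unmatched findings keep their own title.

    Each writeup collects the sorted set of affected assets, the highest severity seen,
    and the original tool titles so the mapping remains auditable during QA review.
    """
    writeups = OrderedDict()
    for title, asset, severity in findings:
        name = map_title(title) or title
        entry = writeups.setdefault(name, {"assets": set(), "severity": "Low", "sources": []})
        entry["assets"].add(asset)
        if SEVERITY_RANK.get(severity, 0) > SEVERITY_RANK.get(entry["severity"], 0):
            entry["severity"] = severity
        if title not in entry["sources"]:
            entry["sources"].append(title)
    return {n: {**e, "assets": sorted(e["assets"])} for n, e in writeups.items()}


if __name__ == "__main__":
    for name, entry in consolidate(IMPORTED_FINDINGS).items():
        print(name, entry["severity"], entry["assets"], entry["sources"])
```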
Extended project cloning functionality
Project cloning was introduced in the last release. The purpose of this functionality is to reduce the effort of preparing and tracking another round of testing on assets that were previously tested. In this release we added the ability to clone a project from the project request workflow. So now administrators can approve a project request and clone the resulting project from an existing project, with tracking of the associated vulnerabilities and scoping information.
More information on Project Cloning is on our support site: https://support.attackforge.com/attackforge-enterprise/getting-started/creating-and-managing-projects#cloning-projects
Improved analytics
Analytics and Trend Analysis is one of the most important features of AttackForge. It lets you see the bigger picture across the penetration testing program. Filtering by groups and dates lets you compare the performance of the pentesting program across different business units and over time.
One of our clients has been using analytics extensively, and they came back with interesting feedback: add negative filters – for example, to exclude a particular group from the analytics. One of the use cases was to exclude the results of a bug bounty program from the analytics. And our developers delivered that.
Bulk adding of remediation notes
Remediation activities on a project are often done in big blocks. Sometimes entire classes of vulnerabilities are fixed in one go. Or (as we have all seen) a lot of vulnerabilities might be risk-accepted by the business. In all those cases the pentester tasked with reviewing the remediations has to update multiple vulnerabilities. This is a boring task. And the AttackForge goal is to free pentesters from boring tasks! So, we introduced the ability to add remediation notes to multiple vulnerabilities quickly – through bulk update functionality.
UX Improvements
As always – multiple updates to the UI. The project table can be customised - table columns, visibility, pagination, order, etc. can be reconfigured in portfolios and streams.
The User schedule is improved – adding more data for users when viewing the schedule and related projects. All projects are now color-coded, so you can easily track the status of each project assigned to the user. We have also included more information for each project - including Roles, which helps to better understand and filter the users’ role on each project.
Introduction of Global Pending Vulnerabilities in the global dashboard makes it easier to track vulnerabilities that are still under quality review.
Updates to Self-Service API
Regular extension of the AttackForge Self-Service API is part of nearly every release. This time two new REST methods were added and five updated. More endpoints – better integration for our customers.
ReportGen 2.4
ReportGen has an exciting new set of features:
Updates to Filters
FilterBy now includes 'AffectedAssetProperties', 'AffectedAssetCustomFields', 'AffectedAssetCustomFields-CountVulns'
Performance boost
Now AttackForge is even faster
UX improvement
Bug fixes.
Other Functionality
Assignment of default role for new registrations
Improvement for custom fields
Ability to disable Attack Scenario field when creating or editing a write-up in the vulnerability library
Custom test for sign-in page
Custom mapping for JIRA export
Configure template steps for Proof of Concept / Steps to Reproduce fields when adding vulnerabilities.
Full details are in the Release Notes, as usual!