We’re passionate about simplifying and demystifying pentesting.
Boostraped product when running a consultancy delivering pentest services to organizations.
Launched a light, accessible version of AttackForge to benefit students and amateur pentesters.
AttackForge has paying customers on every continent (except Antarctica).
Launched our first ever on-demand dedicated tenant platform - extending the global reach to Core.
Released a major upgrade to Core and Enterprise built from the ground up.
Pentesting is archaic and disconnected between Business, Technology and Security teams. Reports are manual, static, and delivered sometimes weeks after vulnerabilities are first discovered. Pentesters and Developers aren't collaborating. Pentesters are getting burned out. The disconnect and frustration between all parties is costing big - in wasted effort, wasted time and wasted costs.
We have built a platform and related technologies to fix these problems. To embrace the age of collaboration. To make communication, collaboration, transparency and reporting much easier, and eliminate many of the pain points for a typical pentest project.
Being on both sides of pentesting is both thrilling and painful. It is thrilling to see the excitement when someone gets a shell on a server that is n-levels deep. But it's painful to see it happen time and time again, with the same attack from a decade ago.
It is thrilling when issues get fixed, and fast. But it's painful when developers have to wait weeks for a hundred page report, when only five pages are actually relevant to them. And most painful of all is when two of your friends - one a pentester and one a development lead - are arguing over a few vulnerabilities, weeks after the end of a pentest, and many weeks behind go-live deadline, whilst both being correct in their own right.
We see AttackForge as a place where everyone involved in penetration testing can get together and truly collaborate, set aside their differences and work towards the greater cause.