Made For Security Teams
Core helps security teams increase speed & quality of penetration testing reports. You get a client portal with workflows to unify pentesting across your team and enterprise. You can also measure effectiveness & prove value of your penetration testing program & services.
Save Time
High-quality customisable reports, on-demand and when you need them.
Save Effort
Integrated, Centralised & Rich Write-ups Library. Speak a consistent language.
Save Money
Tools and workflows to reduce project overheads and costs by up to 40%.
Team Collaboration
Business, Technology and Security teams collaborating in one place.
Methodology
Pre-loaded with industry benchmarks - for efficient & auditable testing.
Clearer View
See your organistion's vulnerable areas. Know your real weaknesses.
Still interested? Request a Demo
Core
Core is built & optimized for Consultancies & Small-to-Medium Enterprises.
Core will help you deliver penetration testing program and pentesting services to your customers. It has workflows to cover all of your needs.
For consultancies - it gives you a Pentest-As-A-Service (PTaaS) platform out-of-the-box.
Core is a cloud-only, fully-managed & whitelabelled solution - hosted on dedicated single-tenant infrastructure in any Microsoft Azure region of your choice.
Custom Reporting
AttackForge ReportGen Is The Easiest-to-Use Pentest Reporting Tool Available!
Create fully customized reports in minutes with no programming required! Based on DOCX templates that you can style. 10x templates are available for free! Reporting is no longer a worry with AttackForge ReportGen!
Analytics
Know Your Security Posture - At Any Time
Track vulnerabilities over time, across customers, organisation or individual business units. Track vulnerabilities by SLAs. Compare against periods of time. Know what are your Top 10 Most Vulnerable Assets, Top 10 Most Common Vulnerabilities and Top 10 Failed Testcases. Measure your Mean-Time-To-Remediate (MTTR). Better plan your investment in training and awareness. Executive and line reporting out of the box.
Methodologies & Runbooks
Industry Standard Benchmarks and Methodologies
Enterprise is loaded with industry benchmarks from OWASP, NIST, PCI, OSSTMM and others. Enforce and Control exactly how you want it tested, every time. Bring standardization and consistency to your pentesting projects & program. Keep your customers & auditors happy.
Libraries
Centralized Libraries. Unified Vulnerability Language.
Create standardized vulnerability definitions and recommendations. Ensure your teams are all speaking the same language. Reduce time & effort on review cycles. Bring vulnerabilites immediately to development teams and engineers - Reduce Time-To-Remediate (TTR).
Collaboration
Bring Business, Engineering & Security Teams Together.
Connect with your teams on every project. Exchange vulnerability information fast, so you can remediate even faster! Integrations with Microsoft Teams, Slack, and Discord.
Scheduling
Schedule and Plan Your Testing Program
Keep on top of your testing program. Let your customers request new projects in a standardized way. Track projects in the pipeline. Availability assistant & detailed planner to help manage resources effectively.
Search
Vulnerability Information When You Need It
Search helps you to find the vulnerability information you need. Search vulnerabilities by asset; discover vulnerabilities within a group; find vulnerabilities by title; or dill-down by tags. Answer the tough questions within a fraction of the time!
Attack Chains
See Attack From Hackers Perspective
Attack Chains help demonstrate exactly what an attacker is doing at every step - in a simple and clear visual story. Understand how vulnerabilities can be grouped together to cause devastating attacks against your organisational assets. Map Attack Chains to MITRE ATT&CK® Framework in minutes!
Import Vulnerabilities
AttackForge Connector Helps You Import Vulnerabilities From Tools, Platforms and Scripts
AttackForge Connector helps you import vulnerabilities to your projects from tools such as Tenable Nessus and Burp Suite Proxy. Or you can use the API for custom imports.
Export Vulnerabilities*
AttackForge Helps You Export Vulnerabilities Into Your Enterprise Ecosystem
AttackForge helps you export vulnerabilities to your enterprise ecosystem and ticketing tools, including JIRA, ServiceNow, Azure DevOps and more. * Priced separately
Retesting
Track Remediation Efforts and Retesting
Know if and when vulnerabilities are remediated or fixed. Transparency and traceability - audit logs & recorded history for every vulnerability. Request, track & perform retesting.
Review Workflows
QA Finally Made Easy!
Efficient workflows to review and QA vulnerabilities with your teams. Communication & notifications to keep your teams updated. You can QA every vulnerability on your pentest from just one screen! How good is that!?
Global Dashboard
Single Pane of Glass Into Your Security
Monitor how your organisation is performing against its security & penetration testing program. Drill-down on key vulnerabilities and projects. Track performance of projects and make more informed decisions.
Group Dashboard
Monitor Your Business Units
Keep on top of your security posture for a business unit, division, subsidiary, 3rd party or team – know which areas in your organisation are doing well or which areas need improvement. Group membership provides easy to manage access controls for your teams.
Project Dashboard
Control Panel For Your Pentests
View testing progress & vulnerabilities for your projects - at a glance. Download reports in multiple formats. Export vulnerabilities into ticketing systems. View daily tracking. Participate in team chats. Create fully custom reports. View attack chains.
Daily Progress Tracking
Easily Track Pentesting Progress
Track how your projects are performing – on a daily basis. Know if issues are being experienced & when they are resolved. Get to know your project team. Daily breakdown of vulnerabilities found & test cases actioned.
Themes
Personalise Your Theme
Enable different themes based on your mood and preference. Discover themes such as Stealth Mode, The Matrix, Lightning, Halloween, RedBack, Neptune, Firestorm, Lost Woods & Amethyst.
Need Help? Check out our Support Site
Pricing
Core 50
50 projects per year
$18K
per year
50 Projects Per Year
50 Users
12-Months Licence
Private Dedicated Infrastructure in
Azure Region of Your Choice
Whitelabelled For Your Organization
10 Groups (Teams / Customers / Business Units)
Standard Support SLA
Upgrades & Enhancements
Support Centre
Access to AF Ticketing System
All amounts are in US Dollars
Core 100
100 projects per year
$22K
per year
100 Projects Per Year
50 Users
12-Months Licence
Private Dedicated Infrastructure in
Azure Region of Your Choice
Whitelabelled For Your Organization
10 Groups (Teams / Customers / Business Units)
Standard Support SLA
Upgrades & Enhancements
Support Centre
Access to AF Ticketing System
All amounts are in US Dollars
Core 150
150 projects per year
$25K
per year
150 Projects Per Year
50 Users
12-Months Licence
Private Dedicated Infrastructure in
Azure Region of Your Choice
Whitelabelled For Your Organization
10 Groups (Teams / Customers / Business Units)
Standard Support SLA
Upgrades & Enhancements
Support Centre
Access to AF Ticketing System
All amounts are in US Dollars
Core |
||||
Deployment |
||||
|---|---|---|---|---|
| Dedicated Infrastructure / Single Tenant Hosted in Microsoft Azure Region of Your Choice, Fully Managed Service | ||||
| Handover SLA | 5 days | |||
| Custom Domain | ||||
| Whitelabelled / Company Logo | ||||
| Two-Factor Authentication (2FA) | ||||
| IP-Whitelisting & Network Access Controls | ||||
| Single Sign On (SSO) | * Premium | |||
| Custom Tenant Configurations | * Limited | |||
Licence & Fees |
||||
|
12-Month Licence * billed in US dollars |
$18K / $22K / $25K | |||
|
Included Projects Per Year |
50 / 100 / 150 | |||
|
Additional Projects |
$150 per project | |||
|
Users |
50 | |||
|
Assets |
Unlimited | |||
|
Uploads |
Unlimited | |||
|
Groups (Teams / Customers / Business Units) |
10 | |||
| Upgrades to Latest Features | ||||
Support |
||||
| Ticketing System | ||||
| Support SLA | Standard | |||
| Support Centre & Training Videos | ||||
| Training Workshops | 1 | |||
Reporting |
||||
| Professional On-Demand Reports (PDF, DOCX, HTML, CSV, JSON) | ||||
| Customizable On-Demand Reports (PDF, DOCX, HTML, CSV, JSON) | ||||
| AttackForge ReportGen - 10x Starter DOCX Templates with No-Code Required | ||||
| Quality Assurance (QA) Workflow & Revision Notes | ||||
| Group Reports | ||||
| AttackForge ReportGen Offline - For Custom Reports In Your Own Styles, Templates | ||||
| AttackForge ReportGen Integrated - For Custom Reports On-Demand | ||||
Vulnerabilities |
||||
| Global Dashboard | ||||
| Rules-Based Vulnerability SLAs | ||||
| Remediation Plans | ||||
| Advanced Search | ||||
| Attack Chains | ||||
| Integration with CI/CD tools - JIRA, ServiceNow, Azure DevOps | * Premium | |||
| Integration with Vulnerability Management Tools | * Premium | |||
| Retest Workflows | ||||
| Custom Fields & Forms | ||||
| Full Support for CVSS v3.1 | ||||
Projects |
||||
| Dashboards & Project Tracking | ||||
| Dedicated Secure Workspace for Every Project | ||||
| Scheduling & Calendar | ||||
| Resource Management | ||||
| Roles-Based Access Controls | ||||
| Project Request Workflows | ||||
| Custom Notifications | ||||
| Custom Fields & Forms | ||||
| Integration with Collaboration tools - MS Teams, Slack, Discord | ||||
Libraries |
||||
| Centralized & Customizable Vulnerability Templates | ||||
| Custom Vulnerability Libraries with Access Controls | ||||
| Pre-loaded Vulnerability Templates from CWE & CAPEC | ||||
| Centralized & Customizable Test Suites & Methodologies/Runbooks | ||||
| Pre-loaded Test Suites from OWASP, OSSTMM & Others | ||||
| Custom Fields & Forms | ||||
Assets |
||||
| Asset Management & Register | * Premium | |||
Groups |
||||
| Groups (Teams / Customers / Business Units) | 10 | |||
| Group Dashboard & Tracking | ||||
| Link Groups to Project, Vulnerabilities, Users | ||||
| Link Groups to Active Directory (AD) / Identity Provider (IDP) | * Premium | |||
Analytics |
||||
| Analytics Dashboard | ||||
| Trend Analysis & Comparison | * Premium | |||
| Personalize Analytics Dashboard | * Premium | |||
Portfolios & Work Streams |
||||
| Create Portfolios to Manage Your Security Testing Programs | * Premium | |||
| Track BAU Testing Activities in Work Streams | * Premium | |||
Self-Service API |
||||
| 80+ Documented APIs with Examples | * Premium | |||
Notifications |
||||
| Project Event Notifications | ||||
| Custom Global Notifications (Daily Updates, SLAs, Overruns, etc.) | * Premium |
Need help choosing? We've got you covered
For Peace of Mind
As a software security provider, AttackForge is committed to providing highly secure and reliable software for our customers. Check Out Our Full Security Statement