Cyber Security Hub® - Connecting People. Delivering Security.®

AttackForge Benefits

	Business	Technology	Security
GO TO MARKET FASTER Slash remediation time. Reduce project burn rate
COLLABORATION Bring Business, IT & Security together
COST SAVINGS Reduce project overheads and costs by up to 40%
VISIBILITY See all vulnerabilities across organisation / portfolio / client
TRANSPARENCY Know what was (and was not) tested - every time
CONSISTENCY Standard vulnerability terminology and language
CLARITY Detailed information for every vulnerability
TRACEABILITY Know what is fixed and not fixed
DEPTH Search all your systems to find their vulnerabilities & status
CONSOLIDATION All your vulnerabilites and projects securely in one place
SIMPLICITY Dashboards and tools to help you
ANALYTICS Deep discovery - most common vulnerabilities / trends over time
SECURITY Mandatory MFA, Encryption, others - you're in good hands

Pentesters Business Enterprise
GO TO MARKET FASTER Slash remediation time. Reduce project burn rate
COLLABORATION Bring Business, IT & Security together
COST SAVINGS Reduce project overheads and costs by up to 40%
VISIBILITY See all vulnerabilities across organisation / portfolio / clientbase
TRANSPARENCY Know what was (and was not) tested - every time
CONSISTENCY Standard vulnerability terminology and language
CLARITY Detailed information for every vulnerability
TRACEABILITY Know what is fixed and not fixed
DEPTH Search all your systems to find their vulnerabilities & status
CONSOLIDATION All your vulnerabilites and projects securely in one place
SIMPLICITY Dashboards and tools to help you
ANALYTICS Deep discovery - most common vulnerabilities / trends over time
SECURITY Mandatory MFA, Encryption, others - you're in good hands

Consulting services

Penetration Testing

Vulnerability Assessment

Social Engineering

Security Training

Source Code Review

Wireless Assessment

Hardware Hacking

Governance, Risk & Compliance

PENETRATION TESTING Made Easy

AttackForge.com is a free-to-use collaboration platform for pentesters and business to help you manage your own security and penetration testing projects. It's like Atlassian JIRA.. but for security.

AttackForge.com was initially developed to help pentesters reduce the amount of time they spent doing distracting things other than pentesting. It’s the first dedicated client-facing collaboration platform for pentesting – unlike other similar tools which focus on aggregation of scanning output or report generation only.

Attackforge.com can significantly increase actual time spent testing. It helps people quickly create projects and give access to pentesters and the business so they can collaborate and get started on testing sooner. It has an integrated issue library with over 1300 vulnerability definitions from CWE and CAPEC, and takes on average less than 30 seconds to add a finding on a pentest. All reporting is automated, on-demand and near real-time - that means pentesters no longer need to manually create reports; and business no longer needs to wait to recieve reports, and can immediately see issues as they are discovered and export them to own JIRA Cloud project so developers can start remediation straight away.

AttackForge.com has other collaboration tools as well to make collaboration easy for pentesters and the business. This includes email notifications on start/stop testing daily; Slack integration for private communication; ability to add people to Teams to share knowledge; calendar to schedule to plan upcoming projects; remediation tracking for all vulnerabilities; and analytics to provide greater insight across range of pentests.

AttackForge.com integrates best practice testing benchmarks which helps business understand what the pentester is actually testing, and helps pentester structure their testing. Pentesters can also create their own benchmarks or test suites for specific clients or projects.

AttackForge.com makes communication, collaboration, transparency and reporting much easier, and eliminates many of the pain points for a typical pentest project.

Available Now to Help You

Create & Manage Security & Penetration Testing Projects
Calender To Schedule & Plan Testing Activities
Define What Will Be Tested, And How It Will Be Tested
Analytics For All Your Assets & Vulnerabilities
Secure Workspace To Upload Details & Files Necessary For Testing
Secure Chats And Collaboration With Your Project Team
Add Vulnerabilities To Assets, Supported By Visual Attack Chains
View And Control Testing Progress
Manage Vulnerabilities, Including Retesting & Import Into Your JIRA Cloud
Store Testing Logs
On-demand, Automated Executive & Vulnerability Reports in PDF, DOCX & CSV

FEATURED AT BLACKHAT ARSENAL - ASIA 2019

FEATURED AT BLACKHAT ARSENAL - EUROPE 2018

attackforge.com

AttackForge® Enterprise

Pentesting is archaic & disconnected between relevant stakeholders – Business, IT and Security. Reports are manual, static, and delivered after testing completion - which can be weeks after vulnerabilities are first discovered. There is disconnect between all parties.
AttackForge Enterprise is shattering convention and embracing the age of collaboration. Business, IT and Security have never been closer than with AttackForge Enterprise.

AttackForge Enterprise is a purpose built platform to manage large pentesting programs for enterprise; or for consultancies to deliver pentests to their clients. AttackForge Enterprise brings Business, IT & Security together to reduce vulnerability remediation lead time and increase go-to-market speed. AttackForge Enterprise improves communication frequency and quality between pentesters and developers and allows people to communicate and collaborate in one place.

AttackForge Enterprise is proven - put to work in large organisations to help save direct costs, increase visibility and reduce effort on every pentest. AttackForge Enterprise slashes the time taken between discovering a vulnerability to alerting person who can fix the issue, to near real-time. As a result, applications go live faster, projects reduce likelihood and costs of slippage, teams get better value and insight from every pentest, and all parties save time and money by collaborating better, faster and sooner.

AttackForge Enterprise has been proven effective in financial, retail, insurance & consulting sectors. Any organisation that conducts more than 20 pentesting projects annually will benefit greatly from using AttackForge Enterprise.

Dashboard See your security posture on one screen View

Analytics Track & Measure your vulnerabilities over time View

Discover Trends Know your weaknesses across your organisation View

Visual Attack Chains See attack from hackers perspective View

Schedule Keep on top of all your projects View

All Your Reports In One Place In PDF, DOCX & CSV formats View

Project Dashboard Vital project stats one one screen View

Workspace Secure uploads & storage access for project materials View

Notifications Know when each consultant has started testing View

Groups Security posture across business groups / clients View

Testcases Know exactly what is being tested, when & by whom View

Chats Keep up to date with your team View

Expansive Vulnerability Library Every CWE, CAPEC + many more to choose from View

Effortless Reporting Add a vulnerability within matter of minutes, not hours View

All Vulnerability Details You Need Start remediating & fixing issues faster View

Track Remediation & Status Easily track remediation status for all vulnerabilities View

Reporting When you Need It On-demand, automated Executive and Detailed vulnerability reports View

Search Vulnerabilities Per System / Group Know its security posture at any time View

Custom On-Demand Reports Create your own or select from pre-defined templates View

JIRA Integration Easily export your vulnerabilities into your JIRA View

All Your Projects In one place View

Manage Your Own Vulnerability Library Centralised to save on consultants' time View

Custom Test Suites Define what you want tested. Every time View

Profiles For Every Person Get to know your project team View

INTEGRATES WITH INDUSTRY COLLABORATION PRODUCTS

Benefits for your organisation and clients

Increase Go-To-Market Speed

Get vulnerability information back to developers in near-real-time - start fixing issues sooner, stop burning project time/budget on waiting for reports.
Consolidation of all vulnerabilities, testing logs, pieces of evidence, artifacts and screenshots - securely managed in one place. Easy to retrieve & track, and controlled by you.
Securely collaborate and chat. Upload/download files to your workspace, avoid need to use other insecure channels.
Automatic notifications when consultants start & stop testing daily.
Track & monitor status for all your security testing projects and vulnerabilities, in one place.
View calendar to schedule and plan testing activities.
No need for peer / technical report reviews.
No need to manually provide daily updates to stakeholders.
Manage multiple simultaneous projects more effectively & easily.

Build Stronger Market Share

Improve value proposition for new customers – increase sales.
Easy-to-use portal to engage and collaborate with your customers.
Improve retention of existing customers – entice them to stay and maintain their data with you.

See all your vulnerabilities on one screen

View Dashboards across all projects and vulnerabilities - understand security posture for your company, at any given time - on one screen.
See the most common vulnerabilities in your organisation – across all systems/assets.
Visual attack chains to see the attack from a hackers perspective - understand exactly what an attacker is doing at each step. Don't rely on risk-ratings only to determine your remediation plan.
Search for a given system/asset and see its related vulnerabilities and remediation status.
Track remediation for all vulnerabilities.
Detailed information for every vulnerability - ratings, descriptions, attack scenarios, recommendations, proof-of-concepts, evidence, remediation notes, and more.
JIRA integration - directly import your vulnerabilities in to your own JIRA instance.

Make your penetration testing repeatable

View test case progress on a project - know what was tested, who tested it, and when they tested it, and importantly understand what was not tested.
Consistent use of vulnerability language (built on CWE, CAPEC, OWASP, and others). Provides standard/common language when discussing vulnerabilities.
Assurance of repeatable service - Measure progress over time.

Measure your security posture over time

Powerful Analytics for deep discovery - identify vulnerability trends across over time.
Identify your own Top 10 Vulnerabilities & Testcases Leading to Vulnerabilities.

Save thousands on reporting costs

Automatically generated executive & vulnerability reports in PDF, DOCX & CSV - customised to your organisation.
Consistent reporting - whenever you need it.
Stop spending thousands per report.
Reduce Load on Consultants - Increase consultants’ productivity on testing and delivery.
Reduce reporting effort required - No need to write lengthy reports.

Flexible pricing model - 'Pay-as-you-Go'

We offer 'Pay-as-you-Go' as well as fixed-term contracts.
Cancel at any time.

Dedicated Infrastructure In Azure & AWS

White-labeled and personalised to suit your own organisation. Stand out from the rest of the crowd.
Single-tenant environment dedicated to your organisation.
Multi-factor authentication & Certification-ready design.
Other security features to protect your data.

Plans and Pricing

Free

USD $0/month
AttackForge.com

- Create up to 3 projects
- One-Click Automated Reporting
(PDF / DOCX / CSV)
- JIRA & Slack integration
- Remediation Tracking
- Custom vulnerability library with preloaded 1300+ vulnerabilities
- Attack Chains
- Free Forever!

Pro

USD $50/month
AttackForge.com

- Unlimited projects
- Customise your reports
- Invite unlimited users to your projects
- Create teams to pool & share knowledge
- Access powerful analytics
- Custom test suites & test cases
- Unlimited project scope & uploads
- Priorty support

Enterprise

Contact Us
AttackForge.YourCompany.com

- Unlimited users
- Dedicated infrastructure
- On premise or cloud deployment
- Your logo & colours
- Enterprise workflows & capabilities
- Integration into your existing solutions
- Custom reports, dashboards, analytics, workflows
- Enterprise support

	Free	Pro	Enterprise
Vulnerabilities
View by Project, Asset, Priority and Status
Analytics
Tracking against Groups (Clients / Business Units)
Attack Chains
Import Into Your JIRA Project
Detailed Vulnerability Info & Evidence
Remediation Tracking
Manage Vulnerability Library
Share Vulnerability Library with Team
Projects
Create & Manage Projects	(Limit of 3)
Scheduling & Calendar
Tracking against Groups (Clients / Business Units)
Project Summary & Dashboards
Team Profiles & Collaboration
Slack Integration
Secure Workspace For File Uploads	(Limited Storage)
View & Action Test Cases
Manage Test Suites & Methodologies
Share Test Suites & Methodologies with Team
Storage For Testing Logs	(Limited Storage)
User Access Management
Reporting
Automated & On-Demand Reporting
Executive & Custom Reports (PDF & DOCX)
Detailed Vulnerability Reports (PDF, DOCX & CSV)
Group Reports (Clients / Business Units)
Customise Your Reports
Rebrand DOCX For Your Own Needs
Security
Hosted in Azure / AWS
Dedicated Infrastructure For Your Organisation
Mandatory Multi-Factor Authentication (Mobile / Email)
IP-Whitelisting & Network Access Controls
Enterprise User Management
Encrypted Communications & Storage
Enterprise
Unlimited Users
Clients / Stakeholders Request New Projects
Admins Approve / Reject New Projects
Manage Groups (Clients / Business Units)
Custom Domain, Logo & Colours
You Own The Data
API for Custom Integrations
ADFS, LDAP & OAuth Integration
Custom Reports
Custom Dashboards
Custom Analytics
Custom Workflows
Integrate Into Your Own Slack Workspace
Administrative Management
Phone Support
Email Support
On-Site Support

Free
Vulnerabilities
View by Project, Asset, Priority and Status
Attack Chains
Import Into Your JIRA
Detailed Vulnerability Info & Evidence
Remediation Tracking
Manage Vulnerability Library
Projects
Create up to 3 Projects
Scheduling & Calendar
Project Summary & Dashboards
Team Profiles & Collaboration
Slack Integration
Secure Workspace For File Uploads
View & Action Test Cases
Storage For Testing Logs
User Access Management
Reporting
Automated & On-Demand Reporting
Executive Reports (PDF & DOCX)
Detailed Vulnerability Reports (PDF, DOCX & CSV)
Rebrand DOCX For Your Own Needs
Security
Hosted in Azure / AWS
Mandatory Multi-Factor Authentication (Mobile / Email)
Encrypted Communications & Storage
Enterprise
Email Support

Pro
Vulnerabilities
Access Powerful Analytics
Share Vulnerability Library with Team
Projects
Create Unlimited Projects
Unlimited Project Scope / Assets
Invite Unlimited Persons To Your Projects
Manage Test Suites & Methodologies
Share Test Suites & Methodologies with Team
Unlimited Uploads
Reporting
Customise Your Reports
Enterprise
Priority Email Support

Enterprise
Projects
Clients / Stakeholders Request New Projects
Admins Approve / Reject New Projects
Security
Dedicated Infrastructure For Your Organisation
IP-Whitelisting & Network Access Controls
Enterprise User Management
Enterprise
Unlimited Users
Tracking against Groups (Clients / Business Units)
Group Reports (Clients / Business Units)
Manage Groups (Clients / Business Units)
Custom Domain, Logo & Colours
You Own The Data
API for Custom Integrations
ADFS, LDAP & OAuth Integration
Custom Reports
Custom Dashboards
Custom Analytics
Custom Workflows
Administrative Management
Integrate into Your Own Slack Workspace
Phone Support
Email Support
On-Site Support

Meet the team

Fil Filiposki

Stas Filshtinskiy

Some facts about us

500+ Projects Completed

30+ Consultants

15+ Services

50+ Clients & Partners

PROUD SPONSORS OF LOCAl SECURITY EVENTS

BSides Melbourne

OWASP AppSecDay Australia

Client testimonials

A message from our consumers

In the past few years Cyber Security Hub has assisted NPS MedicineWise with a wide variety of specialised security services. All services have been provided on time, on budget, and to a high quality. We have found CyberSec Hub staff extremely easy to engage and do business with. We strongly value our relationship and look forward to future work with them.

Tim Glover, NPS MedicineWise

CSH provide a professional well managed service backed by high quality testers. I would definitely recommend them to other businesses in need of security consulting services.

Julian Berton, SEEK

CSH are great company to work with, their project management and technical expertise is excellent. A must for any pentesting project.

Jay Davis, Indigo IT Labs

Cyber Security Hub have always delivered for us: fast, professional, and friendly – it’s a great partnership.

Mark Pedersen, CTO at KJR

Partnering with Cyber Security Hub takes the heavy lifting out of being an independent security consultant. They manage everything, so I can focus on getting the job done.

Corch, Shogun Cybersecurity

CSH has helped us to create our roadmap to achieve our security strategy. Their teams show great skills, onsite and remotely, and their management are always friendly and accommodating. In light of current cyber threats and challenges, we have the utmost confidence and trust to partner with Cyber Security Hub for our security needs.

Ahmad Alshaer, Milaha (Qatar Navigation)

Welcome to Cyber Security Hub

AttackForge Benefits

Business

Technology

Security

Pentesters

Business

Enterprise

Consulting services

Penetration Testing

Vulnerability Assessment

Social Engineering

Security Training

Source Code Review

Wireless Assessment

Hardware Hacking

Governance, Risk & Compliance

PENETRATION TESTING Made Easy

FEATURED AT BLACKHAT ARSENAL - ASIA 2019

FEATURED AT BLACKHAT ARSENAL - EUROPE 2018

AttackForge® Enterprise

INTEGRATES WITH INDUSTRY COLLABORATION PRODUCTS

Benefits for your organisation and clients

Plans and Pricing

Free

Pro

Enterprise

Free

Pro

Enterprise

Free

Pro

Enterprise

Meet the team

Fil Filiposki

Stas Filshtinskiy

Some facts about us

PROUD SPONSORS OF LOCAl SECURITY EVENTS

BSides Melbourne

OWASP AppSecDay Australia

Client testimonials

A message from our consumers

About us

Contact Us