AttackForge @ RiskyBiz
AttackForge were excited to make our first appearance on Risky.biz. Co-founders Stas & Fil talk about efficient ways of managing large penetration testing programs.
Workflow Management Made Easy
AttackForge® is a suite of penetration testing workflow management & productivity tools, saving time & money on managing pentesting projects and programs.
AttackForge reduces vulnerability remediation times and increases go-to-market speed.
Save Time
High-quality customizable reports, on-demand and at the click of a button.
Save Effort
Integrated, Centralized & Rich Write-ups Library. Stop re-inventing the wheel.
Save Money
Tools and workflows to reduce pentest overheads and costs by up to 40%.
Slash Remediation Times
From pentester to developer in near real-time. Raise issues fast, fix even faster.
Go-To-Market Faster
Avoid burning time and money waiting for reports. Get ready for Go-Live instead!
Clearer View
See your organistion's vulnerable areas. Know your real weaknesses.
Trust Is Everything.
AttackForge Is Trusted Around The World. Across All Industries & Verticals.
Enterprise has proven itself as a powerful tool in the Pen Testing practice
Leveraging the power of AFE, our penetration testers are able to easily collaborate on projects, identify application and infrastructure related vulnerabilities, and provide rapid updates to our customers.
Leveraging the power of AFE, our penetration testers are able to easily collaborate on projects, identify application and infrastructure related vulnerabilities, and provide rapid updates to our customers.
AFE allows us to coordinate our penetration testing efforts by leveraging the calendar and project request systems built into the tool. We have gained the ability to utilize resources more effectively by knowing who is allocated to which project with the click of a button. The dashboard tools available give managers a quick view on priority areas of focus, such as highly exploitable vulnerabilities, total number of vulnerabilities identified, remediation efforts, etc.
The AttackForge team continues to develop a tool for the next generation of penetration testing. They deliver feature asks and new functionality on-time and are receptive to feedback in quick fashion. Finding a platform that suited our needs was a challenge, but AFE has provided flexibility and usability above and beyond initial expectations.
Still intersted? Try Community
A Platform For Everyone
Community is for Freelancers, Bug Bountry Hunters, Students & Small Pentest Teams.
Core is for Consultancies & Small-to-Medium Enterprises.
Enterprise is for Large Enterprises, Government & MSSPs.
COMMUNITY
Community is trusted by security teams all over the world, from boutique consultancies to top-tier organisations. Community makes communication, collaboration, transparency and reporting much easier, and eliminates many of the pain points for a typical pentesting project.
More Info Log In Sign Up
CORE
Core is an affordable & competitive Pentest Management Platform with all the features & workflows you need to manage your penetration testing program, or to provide Pentest-as-a-Service (PTaaS) to your customers.
More Info
ENTERPRISE
Enterprise brings Business, Technology and Security teams together to reduce vulnerability remediation lead times and increase go-to-market speed. Enterprise is proven - put to work in large organisations to help save direct costs, increase visibility and reduce effort on every pentest.
More Info White Paper Case Studies
Passionate about simplifying and demystifying pentesting
Our Mission
Creating technology to help security teams globally better manage penetration testing projects and programs.
Our Vision
To create trusted and rigorous industry standard tools for managing security and penetration testing projects and their related activities.
From The Founders - Fil Filiposki
Pentesting is broken. And we're working hard to fix it.
Pentesting is archaic and disconnected between Business, Technology and Security teams. Reports are manual, static, and delivered sometimes weeks after vulnerabilities are first discovered. Pentesters and Developers aren't collaborating. Pentesters are getting burned out. The disconnect and frustration between all parties is costing big - in wasted effort, wasted time and wasted costs.
We're pioneering a platform and related technologies to fix these problems. To embrace the age of collaboration. To make communication, collaboration, transparency and reporting much easier, and eliminate many of the pain points for a typical pentest project.
From The Founders - Stas Filshtinskiy
Pentesting. Thrilling and Painful.
Being on both sides of pentesting is both thrilling and painful. It is thrilling to see the excitement when someone gets a shell on a server that is n-levels deep. But it's painful to see it happen time and time again, with the same attack from a decade ago.
It is thrilling when issues get fixed, and fast. But it's painful when developers have to wait weeks for a hundred page report, when only five pages are actually relevant to them. And most painful of all is when two of your friends - one a pentester and one a development lead - are arguing over a few vulnerabilities, weeks after the end of a pentest, and many weeks behind go-live deadline, whilst both being correct in their own right.
We see AttackForge as a place where everyone involved in penetration testing can get together and truly collaborate, set aside their differences and work towards the greater cause.
Short History
-
Founded Cyber Security Hub
Started Cyber Security Hub - a Melbourne, Australia based consultancy delivering penetration testing and governance, risk and compliance services to organisations. Bootstrapped our way to creating AttackForge minimal viable product.
-
Launched Enterprise MVP
After much blood, sweat and tears - we finally launched our MVP to our consulting clients. We would spend the next two years refining AttackForge until it was ready for the world.
-
Launched Community
People really liked Enterprise, but wanted a light, easily accessible version to use on their own projects and clients. Thus Community was (accidently) borne.
-
First International Enterprise Sale
We finally made our first international Enterprise sale. This was an exciting time for the team, and the much needed fuel to ignite our fire towards accelerating AttackForge product development into new and uncharted markets.
-
AttackForge Goes Global
AttackForge now has paying customers on every continent (except Antarctica!)
-
50K+ Vulnerabilities, 3.5K+ Pentests, 5K+ Users
We hit record numbers in AttackForge - over 50 thousand Vulnerabilities registered on AttackForge; over 3.5 thousand Pentests delivered; and over 5 thousand registered Users.
-
Launched Core
Core is Now Available!
An affordable & competitive Pentest Management Platform for Consultancies & Small-to-Medium Enterprises.
AttackForge @ MITRE CAPEC Program User Summit 2022
We're back at Black Hat Europe Arsenal in 2021
AttackForge team will be presenting virtually at this years' BlackHat Europe in November. It has been 12 months since our last BlackHat event, in that time we have worked around the clock to bring exciting new features and capabilities to our free community edition of AttackForge. We can't wait to show everyone the progress we have made!
New Product Announcement!
Introducing Core
We have just released the highly anticipated new product to the AttackForge lineup - Core.
Core is an affordable & competitive Pentest Management Platform with all the features & workflows you need to manage your penetration testing program, or to provide pentesting services to your customers.
If you are a Consultancy or a Small-to-Medium Enterprise, and conducting more than a dozen pentests per year - check out how Core can:
- Increase Speed & Quality of Your Penetration Testing Reports
- Provide Client Portal for Your Customers
- Unify Pentesting Workflows
- Remediate Vulnerabilities Faster
- Measure Effectiveness & Prove Value of Your Penetration Testing Program & Services
View the full press release here.
We're accepted into Black Hat Europe Arsenal 2020
We're honoured and super excited to be back at Black Hat Europe Arsenal for 2020! BHEU Arsenal is where it all started for us few years ago, and we can't wait to show everyone all the new and exciting features we have built into the free version Community!
Nucleus and AttackForge Announce New Integration!
“This partnership is a big deal for security teams as a whole, not just the practitioners of VM or pen testing individually” said Stephen Carter, CEO and Co-founder of Nucleus. “We saw an opportunity to bring together traditionally independent red team penetration test data with vulnerability scan data to manage them together. This integration allows organizations to unlock additional collaboration and cohesion across both red and blue teams, at scale, in way that was impossible before.”
“The partnership between Nucleus Security & AttackForge bridges a gap that every security team faces. Until now, pentest data has lived outside of vulnerability management programs, in arbitrary and static reports – making pentest vulnerabilities impossible to track & analyze” said Fil & Stas, Co-founders of AttackForge. “By seamlessly integrating pentest data from AttackForge into Nucleus, organizations gain a true representation of the security posture of their assets, enabling leaders to make informed decisions when it comes to remediation and prioritization.”
We're accepted into Black Hat Asia Arsenal 2020
The AttackForge team will be back at Black Hat Asia 2020! We are excited to show Singapore how far we have come in the last 12 months, with new and exciting features for pentesters, students and technology teams!
AttackForge @ OWASP AppSecDay Australia 2019
The AttackForge team will be showcasing Enterprise at Australia's biggest software security conference for technology professionals - OWASP AppSecDay 2019! Ensure to check out the demo of Enterprise, and enter the draw to win a free 12-month subscription for AttackForge Pro.
We're accepted into Black Hat Europe Arsenal 2019
We are honoured and privileged to be accepted into the Black Hat Europe Arsenal for 2019! Looking forward to showcasing all the new features and capabilities we have built into AttackForge since we last presented here in 2018, and also catching up with friends!
Podcast @ Cyber Speaks LIVE -
Why Pentesting Is Broken
Excited to be speaking with Duncan McAlynn (@infosecwar) to share our experiences and thoughts on why we believe pentesting is broken, and how we are trying to solve the problems. Interested to hear thoughts from the LIVE audience on whether they have had similar experiences to us. Oh and we are randomly giving away three (3) AttackForge Pro Yearly subscriptions worth $600 each, so make sure you stick around for the LIVE Q&A for a chance to win.
We're accepted into Black Hat USA Arsenal 2019
And now for the big one. The Grand Black Hat. We are honoured, proud and thrilled to be presenting in the Black Hat USA Arsenal 2019! We were promised it's going to be big. We can't wait, we have worked so hard on new features for Community and we're very excited to show the world!
We're accepted into Black Hat Asia Arsenal 2019
Community was accepted into Black Hat Asia Arsenal 2019. We learned so much from the Europe conference, we were excited to show everyone our progress and how we addressed community feedback. It was a stellar event - Singapore really knows how to turn it up!
We're accepted into Black Hat Europe Arsenal 2018
An exciting and nerve-racking time for our team. Community was accepted into the prestigious Black Hat Arsenal. This would be our first major public announcement and showcase of Community. Would it stack up and be accepted by the community? We hope so :) EDIT: it was!