How many vulnerabilities have we discovered this year? What about last year?
AttackForge keeps track of all your vulnerability data from security and penetration testing projects and can provide you with the detailed statistics you need.
What return of investment are we getting on our penetration testing program?
Get to know how hard your team is actually working at fixing discovered issues. Know exactly how many vulnerabilities have been discovered, retested and fixed - at any time.
How many open vulnerabilities do we have for that system right now? What about that business group or client?
Know exactly how many open or closed vulnerabilities for every asset, system, business group or client. Get the details fast.
I need to brief the executives. Are we getting better or worse?
Compare vulnerability and trend data over time. Measure how fast your organisation is at discovering and remediating critical vulnerabilities.
What are the Top 10 Most Vulnerable Assets in our organisation? What about Top 10 Most Common Vulnerabilities?
Discover your most common vulnerabilities, vulnerable assets, and failed testcases across your entire organisation, business group or client.
Where should we invest more in training and awareness?
Trends and analytics can help you make sense of your vulnerability data to better understand where you need to focus resources within your organisation or business groups.
High-quality customisable reports, on-demand and when you need them.
Integrated, Centralised & Rich Issue Library. Speak a consistent language.
Tools and workflows to reduce project overheads and costs by up to 40%.
Business, Technology and Security teams collaborating in one place.
Pre-loaded with industry benchmarks - for compliance and auditing.
See your organistion's vulnerable areas. Know your real weaknesses.
Still interested? Request a Demo
High-Quality Automated Reports
On-demand reporting at the click of a button, whenever Business or Technology teams need it. Reports can be customised and includes templates for Executives, Risk Managers, Third-Parties such as Auditors, and Developers. All reports can be downloaded in PDF, HTML, DOCX, CSV & JSON.
Know Your Security Posture - At Any Time
Track vulnerabilities and trends over time, across the entire organisation or individual business units. Know what are your Top 10 Most Vulnerable Assets, Top 10 Most Common Vulnerabilites and Top 10 Failed Testcases. Measure your Mean-Time-To-Remediate (MTTR). Better plan your investment in training and awareness. Executive and line reporting out of the box.
Integrate & sync with common enterprise tools and services such as JIRA, Slack and ServiceNow. Plug into your own Identity and Access Management Provider - oAuth, LDAP, ADFS.
Industry Standard Benchmarks and Methodologies
AttackForge Enterprise comes pre-loaded with common industry benchmarks from OWASP, NIST, PCI, OSSTMM and others. Determine what will be tested against each asset, every time. Bring standardisation and consistency to your pentest program. Keep your auditors happy.
Schedule and Plan Test Activities
Keep on top of all your projects. Know what pentests are in the pipeline and manage resources effectively. Single view of all projects and their status per month, week or day. Resource Manager views and filter by users.
Track Remediation Efforts and Retesting
Know if and when vulnerabilities are remediated or fixed. Audit logs contain full history and actions for every vulnerability for transparency and traceability. Easily request and perform retesting.
See Attack From Hackers Perspective
Attack Chains help demonstrate exactly what an attacker is doing at every step - in a simple and clear visual story. Understand how vulnerabilities can be grouped together to cause devestating attacks against your organisational assets. Map Attack Chains to MITRE ATT&CK® Framework in minutes!
AttackForge Connector - Import & Export Vulnerabilities Into Your Enterprise Ecosystem
AttackForge Connector helps you Import and Export vulnerabilities To and From your AttackForge Enterprise Tenant and 3rd Party Tools and Platforms.
Self-Service API For Workflow Automations
Easily automate workflows using our Self-Service API. Perfect for customisations and integrations into your enterprise ecosystem. Manage and control access to each API for peace of mind. Setting up service accounts are a breeze.
AttackForge ReportGen - Create Custom Reports
Create fully customised reports in a fraction of the time, based on your own DOCX templates. Personalize your reports to your own style or corporate branding. Creating custom reports is a breeze with AttackForge ReportGen!
Download our white paper on how to run an effective and efficient centralized penetration testing program. Learn how to get better Return of Investment on your pentesting; Extract maximum value from the findings; and Provide visibility to executives & managers on the performance of your pentesting program.
Need Help? Check out our Support Site
Pricing plans to accomodate all sizes
Choose a plan that suits you
We have multiple plans which scale as you grow.
Each Plan includes Project Credits - to use within Licence Period.
Each Plan has Unlimited Users - for Unrestricted Collaboration.
- Enterprise 50
- Enterprise 100
- Enterprise 200
- Enterprise 300
- Enterprise 500
- Enterprise Unlimited
AttackForge Enterprise is provided as either:
- Cloud Software-as-a-Service
- On-Premises & Offline
Enterprise 50 Cloud
50 Project Credits
Private Dedicated Infrastructure in
Azure Region of Your Choice
Whitelabelled For Your Organization
Single-Sign On (SSO)*
Support Level Agreement (SLA)
Integrations & Automations*
Upgrades & Enhancements
Training & Support Centre
|Global Dashboard For All Your Vulnerabilities|
|View & Search Vulnerabilities by Project, Asset, Priority and Status|
|Track by Open, Closed and Ready For Retest|
|Analytics & Trends Discovery Across Organisation and Groups|
|Track Vulnerabilities Against Groups (Clients / Business Units)|
|Create Attack Chains & Map to MITRE ATT&CK® Framework|
|Import Vulnerabilities Into Your Projects via API or Connector|
|Export Vulnerabilities Into 3rd Party Tools & Platforms via Connector|
|Export & Sync Vulnerabilities With Your JIRA Project|
|Export Vulnerabilities Into Your ServiceNow Tenant|
|RESTful API Available For Data Imports or Exports|
|Detailed Vulnerability Information|
|Upload and Store Vulnerability Evidence & Artefacts|
|Audit Logs For Life of Vulnerability|
|Access & Manage Vulnerability Library (1300+ Vulnerabilities)|
|Choose When Your Vulnerabilities Are Visible To Project Team|
|Choose Your Scoring System, Including CVSS v3.1|
|Global Dashboard For All Your Projects|
|Clients / Stakeholders Request New Projects|
|Admins Review & Approve or Reject New Projects|
|Create & Manage Projects|
|Daily Notifications on Start/Stop Testing|
|Project Overview & Dashboard|
|Daily Tracker For Testing Progress|
|Track Projects, Assets & Users Against Groups (Clients / Business Units)|
|Secure Workspace For File Uploads|
|Create Private, Team & Reporting Notes|
|View & Action Test Cases|
|Access & Manage Test Suites and Methodologies|
|Storage For Testing Logs|
|User Access Management|
|Multi-Stage Workflows Available|
|Invite People To Collaborate on Your Projects|
|Scheduling & Calendar - Filter By Projects and Users|
|Private Slack Channels For Communication|
|Request, Track and Perform Remediation Testing|
|Define & Manage Groups (Clients / Business Units / Pentest Teams / etc.)|
|Automated & On-Demand Reporting|
|Detailed Vulnerability Reports (PDF, HTML, DOCX, CSV & JSON)|
|AttackForge ReportGen - Create Fully Customised & Personalized Reports|
|Export JSON Into Your Own Reports and Tools|
|Group Reports (Clients / Business Units)|
|Customise Executive Summary|
|Templates for Executives, Auditors, 3rd Parties, Developers|
|Customise Your Reports|
|Upload & Add Your Own Logo To Reports|
|Dedicated Infrastructure / Single Tenant Hosted in Microsoft Azure Region of Your Choice|
|On-Premises 100% Offline Deployment Option Available (Can Operate In Isolated / Air-Gapped Network)|
|Mandatory Two-Factor Authentication|
|IP-Whitelisting & Network Access Controls|
|Enterprise User Management & Audit Logs|
|Encrypted Communications & Storage|
|Role-Based Access Controls (Users / Projects / Groups)|
|Platform-As-A-Service - Turn-key Solution For Peace of Mind|
|Unlimited Users - For Unrestricted Collaboration|
|12 / 24 / 36 Months Licence|
|Upgrades to Latest Features & Modules|
|Whitelabelled - Custom Domain, Logo & Colours|
|You Own The Data|
|RESTful API Available For Data Imports or Exports|
|Self-Service API for Custom Dashboards, Reports, Analytics & Workflows|
|Enterprise User Roles Available|
|In-built Knowledgebase For Help & Support|
|Email, Phone & On-Site Support Available|