AttackForge

Overview

Penetration data has traditionally lived outside of Vulnerability Management programs – siloed in arbitrary and static reports – making pentest vulnerabilities impossible to track and analyze. As two separate sets of information, security teams lack full insight into their true security posture, making decisions on prioritization and remediation without a complete risk picture.

But it doesn't have to be this way!

AttackForge is a penetration testing management and collaboration solution. With the Nucleus / AttackForge integration, the gap between vulnerability management and pen testing is bridged. You can inject penetration test data - and sync that metadata - into the vulnerability management process to improve your security visibility. Your security visibility magnifies with the convergence of these two data streams, becoming a game-changer for collaboration with DevSecOps.

Import data

Option 1 (recommended)

From within your AttackForge account, create a vulnerabilities export directly to Nucleus by following the instructions in the AttackForge support center here to set up a push connector from within AttackForge into Nucleus. That's it! Your vulnerability data will be pushed into the Nucleus Project you specify in the AttackForge process.

Option 2

1. From within your AttackForge account, create a JSON file export of your vulnerabilities.
2. From within a Nucleus project, navigate to Integration Hub > Import via File.
3. Select or drag and drop the AttackForge JSON file to start the upload.
4. Wait for the status of the upload to display Success.
5. Navigate to Integration Hub > Import History to view the results.

Special features

Synced metadata

As with other integrations, Nucleus syncs useful metadata from AttackForge imports. Here's a list of the attributes with examples of values for each key.

If you have any questions, please contact us through our support center or email [email protected].