Simplify Security Assessments
Faction simplifies your entire assessment process by providing an intuitive interface for assessment collaboration, assigning/tracking assessments, easily entering vulnerabilities with screenshots, tracking vulnerabilities to closure, designing/generating assessment reports, and much more.
Penetration Testers
Faction removes the management aspect of assessments from your most technical people so that they can get get back to doing what they do best…Hacking! Faction contains a powerful reporting engine that does most of the heavy lifting when creating assessment reports. Commonly found vulnerabilities like XSS and SQL Injection are auto populated with descriptions and recommendations so that the assessor only needs to populate screenshots and exploit steps of the findings. Burp Suite integration shows a history of open and closed findings from previous assessments so assessors know which areas of the application to target and can check for any remaining open items.
Engagement Teams
Faction simplifies assessment scheduling and project management by streamlining the workflow. Faction tells you which assessors are available for a new assignment and which ones are currently working on other projects or even Out of the Office. You can assign one to several assessors to a single assessment and populate the assessment information like URL’s and credentials into the project queue so its available to all assessors when the assessment begins.
Risk Management
Faction has verification and remediation workflows built in. It makes it easy to track open findings and schedule them with open assessors when the remediation dates are coming due. Remediation teams have visual calendars to see who’s available to handle verification requests. When verification requests are sent to assessors they contain links to the original report and have the exploit steps broken out so information is readily available to assessment teams. Assessors can pass or fail the proposed fixes and add notes that are saved with the assessments.
Collaboration
Faction has a built in social network that allows team members to share cool findings with the team or ask questions about risk or just talk about the current security news. If several assessors are working on the same assessment there is a feed where issues are posted and the other assessors can comment and/or use the information to find other areas that might be vulnerable. Faction is about bringing the team together and helping to make assessments more efficient.
Security Tools Made by Security Experts!
Faction not only integrates into existing security tools but also integrates into your current environment with both REST web services and a Python based API. It can be customized to fit into your existing infrastructure to send or pull data from other sources.
Submit a request to download the Free BETA version of Faction. It’s free to try for as long as you like. In exchange we would love to have your feedback though it’s not required.
Penetration Testing
Assessors begin with an assessment queue so they can see what assessments are assigned each week with system information and credentials populated in the queue so they are ready to start Hacking when an assessment is assigned. Assessment History so assessors can quickly see open and closed issues when a system is assessed multiple times. This allows the assessor to know which areas to target and ensure they are aware of open issues.
Scheduling options
Faction tells you which assessors are available for a new assignment and which ones are currently working on other projects or even Out of the Office. You can assign one to several assessors to a single assessment and populate the assessment information like URL’s and credentials into the project queue so its available to all assessors when the assessment begins.
Reporting Toolset
Faction contains a powerful reporting engine that does most of the heavy lifting when creating assessment reports. Commonly found vulnerabilities like XSS and SQL Injection are auto populated with descriptions and recommendations so that the assessor only needs to populate screenshots and exploit steps of the findings. Burp Suite integration shows a history of open and closed findings from previous assessments so assessors know which areas of the application to target and can check for any remaining open items.
Vulnerability Tracking
Faction has verification and remediation workflows built in. It makes it easy to track open findings and schedule them with open assessors when the remediation dates are coming due. Remediation teams have visual calendars to see who’s available to handle verification requests. When verification requests are sent to assessors they contain links to the original report and have the exploit steps broken out so information is readily available to assessment teams. Assessors can pass or fail the proposed fixes and add notes that are saved with the assessments.
Signup Today For Instant Access
Join today and get access to Faction.