Simplify Security Assessments

Faction simplifies your entire assessment process by providing an intuitive interface for assessment collaboration, assigning/tracking assessments, easily entering vulnerabilities with screenshots, tracking vulnerabilities to closure, designing/generating assessment reports, and much more.

Request Access

Penetration Testers

Faction removes the management aspect of assessments from your most technical people so that they can get get back to doing what they do best…Hacking! Faction contains a powerful reporting engine that does most of the heavy lifting when creating assessment reports. Commonly found vulnerabilities like XSS and SQL Injection are auto populated with descriptions and recommendations so that the assessor only needs to populate screenshots and exploit steps of the findings. Burp Suite integration shows a history of open and closed findings from previous assessments so assessors know which areas of the application to target and can check for any remaining open items.

Engagement Teams

Faction simplifies assessment scheduling and project management by streamlining the workflow. Faction tells you which assessors are available for a new assignment and which ones are currently working on other projects or even Out of the Office. You can assign one to several assessors to a single assessment and populate the assessment information like URL’s and credentials into the project queue so its available to all assessors when the assessment begins.

Risk Management

Faction has verification and remediation workflows built in. It makes it easy to track open findings and schedule them with open assessors when the remediation dates are coming due. Remediation teams have visual calendars to see who’s available to handle verification requests. When verification requests are sent to assessors they contain links to the original report and have the exploit steps broken out so information is readily available to assessment teams. Assessors can pass or fail the proposed fixes and add notes that are saved with the assessments.

Collaboration

Faction has a built in social network that allows team members to share cool findings with the team or ask questions about risk or just talk about the current security news. If several assessors are working on the same assessment there is a feed where issues are posted and the other assessors can comment and/or use the information to find other areas that might be vulnerable. Faction is about bringing the team together and helping to make assessments more efficient.

Security Tools Made by Security Experts!

Faction  not only integrates into existing security tools but also integrates into your current environment with both REST web services and a Python based API. It can be customized to fit into your existing infrastructure to send or pull data from other sources.

Submit a request to download the Free BETA version of Faction. It’s free to try for as long as you like. In exchange we would love to have your feedback though it’s not required.

Penetration Testing

Assessors begin with an assessment queue so they can see what assessments are assigned each week with system information and credentials populated in the queue so they are ready to start Hacking when an assessment is assigned. Assessment History so assessors can quickly see open and closed issues when a system is assessed multiple times. This allows the assessor to know which areas to target and ensure they are aware of open issues.

Learn More

Scheduling options

Faction tells you which assessors are available for a new assignment and which ones are currently working on other projects or even Out of the Office. You can assign one to several assessors to a single assessment and populate the assessment information like URL’s and credentials into the project queue so its available to all assessors when the assessment begins.

Learn More

Reporting Toolset

Faction contains a powerful reporting engine that does most of the heavy lifting when creating assessment reports. Commonly found vulnerabilities like XSS and SQL Injection are auto populated with descriptions and recommendations so that the assessor only needs to populate screenshots and exploit steps of the findings. Burp Suite integration shows a history of open and closed findings from previous assessments so assessors know which areas of the application to target and can check for any remaining open items.

Learn More

Vulnerability Tracking

Faction has verification and remediation workflows built in. It makes it easy to track open findings and schedule them with open assessors when the remediation dates are coming due. Remediation teams have visual calendars to see who’s available to handle verification requests. When verification requests are sent to assessors they contain links to the original report and have the exploit steps broken out so information is readily available to assessment teams. Assessors can pass or fail the proposed fixes and add notes that are saved with the assessments.

Learn More

Signup Today For Instant Access

Join today and get access to Faction.

Join Today