AttackFlow Enterprise Edition

Usage Guideline & Tips

Enterprise Edition is the standalone desktop solution of AttackFlow, where security auditing of target source code is easy, directing and fast.

After grabbing your copy of online application installation file, license key and installing successfully, here's the basics of using AttackFlow Enterprise Editon.

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Enterprise Edition opens up with the list of projects you have previously scanned, which dictates that you can scan a project more than one time. In order to see the details of individual scan instances, you can click on the scan instances icon at the far right of the related project.

In order to start a new scan, click on the New Scan menu item and give appropriate choices such as the language of the target software project, name of the project, and solution file or the path to the source code. For .NET projects it's enough to select solution file, however, for other languages such as Java (including Android) the root directory of the project should be selected. When everything looks good, hit the Start Scan button.

As the scan analysis progresses, the number of findings and overall risk level indicator are presented dynamically.

When the scanning ends, the graphical results are shown with a set of filters that can be used to produce PDF or HTML reports based on various standards such as PCI, OWASP and HIPAA. In order to see the details of the results, hit the Audit button.

In order to further analyze the findings the AttackFlow presents a built-in audit interface with four main sub-windows.

  • The vulnerability window contains the extracted finding categories ordered by severity levels
  • The code window displays the code file that the finding stems from
  • The flow window shows the tainted data travelling from the root of the problem up to the original source
  • Finally, the action window shows generic description and mitigation alternatives of the finding as well as an interface for attaching comments to the current finding

Finally, in order to see the all scan instances so far, click All Scans menu item, which will list the scan instances as well as icons to export quick reports and go into related scan overview screen.

Interested in AttackFlow Enterprise Edition?

If so, click to get instant quote now for yearly subscriptions!