Speed Pentest Reporting With AI, Increase Team Collaboration, and Manage Team Utilization

Plex AI, Scheduler, and Real-Time Collaboration now available

Over the past few years, we’ve met with thousands of folks in the pentest and vulnerability management space. Our takeaway? There’s not enough time in the day. While we can’t add hours to the day, we can help you maximize your resources by cutting reporting time, increasing cross-team collaboration, and offering a view into testers’ capacity.

Plex AI: Speed Pentest Reporting

Our initial mission was to become the first pentest and vulnerability data management platform to add AI capabilities — a goal we proudly accomplished with the introduction of Plex AI. For those unfamiliar with Plex AI, we jokingly refer to it as your new team member because it helps you write your pentest report.

You might be wondering, how does an AI tool help offensive security teams write reports? You simply provide inputs such as CVE or the title of a finding in PlexTrac’s content library and Plex AI will auto-generate the finding’s description and recommended remediation steps. Plex AI can also summarize large sets to assist with your executive summary. Talk about time savings, right?

We recognize that as a security professional, you might be a bit weary of AI. Trust me, we totally get it. We took our time creating a homegrown AI product to ensure that it’s fully secure (see our Security FAQs). Our solution’s current model operates in a pre-trained capacity. The system and underlying components do not learn over time or retain user submissions beyond the requirement to process the submission and provide a generative response.

Plex AI is just the tip of the iceberg. We have been working on several additional AI algorithms to bring automation to multiple areas of the offensive security lifecycle. In the near future, you will be able to leverage our AI capabilities to gain even deeper insights into your findings and risk posture, enabling faster time to remediation and — ultimately — reduced risk.

Real-Time Collaboration: Improve QA Workflows With Google-Doc-Like Features

But enough about the future … Let’s continue reviewing the latest product updates we’re revealing right here, right now.

Our platform is highly collaborative — you can track changes and leave comments in the QA process, assign and track tasks without ever leaving PlexTrac, and provide stakeholders with a read-only view of their reports. But we’ve taken these features to the next level.

Our QA features are now close to a Google Docs experience. You can see who and when someone else is in a report and where they are making edits or suggestions — all in real time. This helps ensure that everyone is focused on getting the report written and reviewed as quickly as possible. In turn, it enables testers to spend more time testing and remediating.

Scheduler: View Tester’s Capacity & Schedule Engagements

With more time on testers’ hands, it’s crucial to maximize those extra resources. So as part of this launch, we added engagement management capabilities. What does this mean? There is now a module that allows you to view testers’ capacity and workloads and schedule engagements. So if you see that a tester has extra availability and you want to add an engagement to their workload, you simply click “request engagement” and fill out the following details:

Engagement name
Business line
Desired due date
Test window
Type of test
Objective
Scope
Credentials

Once a request for engagement has been submitted, it will appear as “pending” until the tester has accepted the request. The requester can always go back and edit details as needed.

If relevant to your business, you can also grant clients requester access. For clients to request engagements, they go to the Client Portal, click “request engagement” and fill out similar information as above. Managers can review requests, assign as they see fit, or edit the details/scope to remove the friction from the client scheduling workflow and encourage requests to flow in.