Features

A toolbox with advanced features to automate your service delivery. From project creation and orchestration to smart reporting, a powerful suite of features takes your service to the next level.

Flexible Environment Management Suite
Cloud service / Hosted / Mixed Environment

Refers to ability to have different types of deployments. By default platform is accessible as cloud service, served by Plainsea Azure account.

Custom Domain

Ability to use own custom domain for the platform. By default service is available at portal.plainsea.com (providers only)

White Labelled / Company logo

Ability to use own custom UI theme and Company Logo (providers only).

Single Sign-On (SSO)

Users could use their existing accounts

IP-Whitelisting & Network Access Controls

Ability to restrict access based on user’s IP.

Manage Users

Manage users of the platform. Invite new users.

Manage Tenant Configuration

Manage tenants data and hierarchy

Roles Based Access Control

Predefined user roles

User Assignments Access Control

Access to platform is based on “assignments”. Assignments are inherited hierarchy

AI Powered Writing Assistant

AI Powered assist with pre-written prompts, available in all text edit areas, finetuned to cybersecurity

AI Powered summaries engine

AI Powered summarization. Auto-generated summaries

AI Powered Data analitics

Summary and analysis of meaningful data to support decision making

September Release
GPT Engine integration capabilities

Ability to integrate AI Implementations of choice

Open AI ChatGPT Integration

Ability to integrate ChatGPT

Propriatary GPT Engine

Plainsea GPT engine accessible in the platform

July Release
Dynamic projects configuration

Configure, maintain and change project parameters on the fly, without affecting directly any of the services

Detailed project description

Create free text content related to the project

Project based dashboards

Dashboards, giving access to insights and analytics of specific projects

Custom Notifications

Highly customizable notifications, based on events, event types, events groups and driven by filtering and/or subscriptions

July Release
Manual Vulnerabilities discovery and registration

Configure, maintain and change project parameters on the fly, without affecting directly any of the services

Vulnerabilities Import
Seamlessly import vulnerability data via integrations with tools like Nmap and Metasploit
Vulnerabilities Import via API
Retrieve vulnerability data through API integrations
September Release
Custom Import Mapping
Tailor the import process to align with specific data structures and requirements
CVSS v3.1 Scoring

Standardized vulnerability evaluation through Common Vulnerability Scoring System version 3.1

OWASP Scoring

Vulnerability assessment based on the OWASP risk rating methodology

Choice of reference library (Knowledge base)

Selection from various vulnerability template libraries, allowing pentesters to utilize pre-defined descriptions efficiently

Checklist & methodology base

Runbooks with detailed guides and commands for penetration testing procedures

September Release
Configurable vulnerability views

Customization options for the display layout and style of vulnerability information to cater to diverse user preferences

July Release
Automated insights and remediation suggestions

Automated insights on vulnerability severity, remediation advice, and PoC code

Markdown/WYSIWYG

Vulnerability documentation using Markdown or What You See Is What You Get editors

July Release
Communication with pentest team

Direct, real-time communication channels

Communicataion with clients

Efficient and secure communication with clients regarding vulnerabilities

Real-time results

Instant access to test results and updates in the portal

Global Vulnerabilities

Aggregating and displaying vulnerabilities from multiple sources like CVE databases

Attack scenarios

Creating scenarios that chain multiple vulnerabilities to simulate complex attack paths

Custom fields

Customization of data fields for tailored vulnerability tracking and reporting

Remediation Plans

Generating and managing detailed plans for addressing identified vulnerabilities

Revision History

Track record of all changes and updates made to vulnerability records

Vulnerabilities visualization in a map format

Vulnerabilities are linked directly to the affected assets in the system

Evidence

Collection and storage of evidential data supporting the existence and impact of vulnerabilities

Ticketing Tools Integrations

Integrations with popular ticketing tools like JIRA and ServiceNow

Requesting a retest

Clients can easily request retesting of vulnerabilities post-remediation

Automated agent Assets discovery and mapping
Automatically discover assets, relations are built automatically
September Release
Manual assets input and mapping
Add assets manually . Relations are build automatically.
Import From Tools - NMAP, Masscan, etc
Import assets discovered by 3-th party tools. Relations are build automatically.
July Release
All assets management accessible through one single management console
Tailor the import process to align with specific data structures and requirements
Custom Fields and Forms
Detail the statement of work or scope description for the penetration testing engagement
July Release
Agent based Remote Discovery Technology
Run daemons and collect information in closed networks
Customizable reports structure with dynamic sections

Include, exclude and reorder sections per report. Mainatin Report and sections versions.

Automated sections
Collecting and presenting data automatically based on criteria in real time. PDF generated reports reflect values valid at the moment of pdf generation.
Detailed Findings
Detailed description of findings and all related data. Additional information is added in additional sections or appendixes.
API Checklists
Checklists specific to API penetration testing featuring corresponding results for each check in the report
Executive summary
Concise, high-level overview of key findings and insights for executive audiences
Engagement overview
Detailed statement of work or scope description for the penetration testing engagement
Informational findings
Report on non-critical findings or very low-risk/minor issues that don’t qualify for a CVSS score
How-it-works vulnerability diagrams
Diagrams that visually explain the mechanics of specific vulnerabilities or attack types
Report templates
A range of customizable templates for structuring and presenting penetration testing reports
Export to PDF
Convert reports into PDF format for easy sharing and printing
Project extra data
Incorporate additional metadata or arbitrary information relevant to the project for comprehensive documentation
Analytics
Different type of graphics calculated in real-time. PDF generated reports reflect values valid, values at the moment of pdf generation.
Ready-to-use report template
Presenting repot data in clear, concise and visually appealing way for easy decision making
Event based notifications engine
Internally integrated notification mechanism that allows real-time notifications to be sent to the users
Customizable notifications
Subscribe or unsubscribe to different notifications, based on filter, group, type, topic
July Release
Centralized and Customizable Vulnerability Writeups
Built-in library with standardized and customizable narratives
Preloaded Writeups from CWE and CAPEC
Standardized narrarives based on CWE and CAPEC catalogues
July Release
Custom Vulnerability Writeup Libaries with Access Controls
Create custom Writeups with restricted access according to client and project requirements
July Release
Import Writeups
Import locally generated Writeups in the platform
September Release
Import Test Cases from Standards like OWASP
Real-time acces to security checks recommended by OWASP
September Release
Real-time CVE &Exploit Database integration
Up-to-date information of all current exploits and vulnerabilities
Dashboards
Data visualizations in dashboard format by clients or by projects
Trend Analysis
Current information on the most exploitable vulnerabilities
RESTful API with 120+ Endpoints

Real-time updates and notifications

Notifications when co-workers are working on the same finding in parallel

Review each other's work

Real-time cooperation on findings directly in the platform

Review and compare versions

Team members can review current and previously saved versions of items, reports, findings

Real-time results delivered in the portal

All the findings are visible as soon as they are discovered and published

Real-time customer feedback in the portal

Instant communication with the client

Real-time status change and status tracking

Discovery and status changes are instantly visible in the platform

Discussions boards

The discussion board facilitates interactive conversations and knowledge sharing among users through threaded discussions, maintaining conversation history

Support Site
All the support information you need in one place
Email
Have your issue resolved via e-mail
Ticketing System
Ticketing portal that allows users to submit and track tickets for issues and suggestions, providing a streamlined interface for reporting problems and offering feedback.
SLA
Create and track SLA
Dedicated Customer Success Manager
Depending on your subscription plan, you may have a dedicated CSM to assist you along your Plainsea journey

Functionalities

With its extensive set of innovative features, Plainsea offers a broad set of applications across cybersecurity services. Discover examples of automations which will make a difference in your service delivery.

Penetration Testing

Constantly evolving threat landscape and time constraints are just a fraction of the daily challenges of pen- testers. Drawing on best practices and years of experience, we’ve developed a platform that streamlines and optimizes your penetration testing process, making it both efficient and cost-effective, and allowing you to secure the threat landscape on an ongoing basis. 

Benefits of pen-test automation:

Streamlined communications

Slashing project turnaround times

Instant notifications

Impactful reporting

Real-time visibility over a constantly shifting threat scene

Discover use cases of how Plainsea can help you boost your pen-testing operations as a project-based and a continuous-based service.

virtual CISO

We understand the critical nature and complexity of the virtual Chief Information Security Officer’s (CISO) responsibilities. Our team of experienced cybersecurity professionals has leveraged their extensive expertise to develop a platform designed to reduce and easily orchestrate the overwhelming complexity of the CISO position. This allows you to focus on your core mission – strengthening the security posture of your clients.

With Plainsea AI powered virtual CISO you will make the most of the many benefits of a single-pane view of your clients’ security posture:

Continuous compliance assessments

Strategic prioritization of vulnerabilities

Automated risk assessments

Automated orchestration of security tools

Actionable remediation plans

Impactful findings and recommendations

Want to know more about Plainsea virtual CISO?