HackGATE is a managed gateway for security testing, designed as a comprehensive solution for controlling and monitoring pentest projects.
HackGATE is not a vulnerability scanning or security testing tool. As a monitoring tool for pentest projects, it does not have the capacity to fix issues or suggest remediation solutions.
Is HackGATE an on-premise solution?
No, HackGATE is a cloud-based solution, managed by the Hackrate team in the Azure cloud. We do not use virtual machines, only services by cloud providers with the highest level of compliance and physical security standards. This means that you can kick off a new project immediately.
HackGATE was designed for enterprises and large organizations that have multiple pentests running simultaneously to enable them to easily monitor hacking activity and increase control over security testing projects.
What are the benefits of using HackGATE?
Using HackGATE enables users to improve the transparency of ethical hacking activity, separate pentester activity from real-life attacks, and improve the efficiency of pentest projects in a cost-effective way. HackGATE also simplifies compliance audits by providing accurate and comprehensive information about pentest projects.
The tenant name is essentially the name of your organization, for example,’hackrate’ with a unique tenant ID assigned to it. This tenant name will serve as the login identifier for members of your organization to access and join the same account.
Following the ISO27000 guidelines, we use the word asset to refer to web assets, such as a web application, website, or API, for which our customers can use HackGATE. An asset can also be a physical server in a data center, divided into ports, with an IP address assigned.
Can we use HackGATE for subdomains?
You can utilize HackGATE for all subdomains linked to your web app by employing the "auth.mycompany.com" format to log in to "app.mycompany.com." This way, you can access and authenticate across various subdomains seamlessly.
How does hacker authentication work?
Hackers are unable to log in to the admin center directly. Instead, they must go through the registration process using Azure's B2C (Azure Active Directory Business-to-Consumer) service.
Do web apps we use HackGATE for have to be public-facing?
No, the web apps you use HackGATE for do not need to be public-facing. You can make internal web apps accessible through Network Address Translation (NAT). To achieve this, you must add the external IP address and port from which you published the web app in the admin's dashboard. To ensure security, you only need to set up the firewall to allow access from the specific HackGATE IP address. This way, only our team will be able to access your internal web app.
Where can I report a security bug?
If you come across any security errors, please report them through the Hackrate platform. We value your contributions to help ensure the security of our systems. Thank you for your assistance!
Are you planning to introduce more features?
Yes, we are planning to introduce a number of new features, mostly related to improving the analytics capabilities of Hackrate. Stay tuned for our feature announcements!
How much does HackGATE cost?
HackGATE Beta has three price plans:
Free trial: one asset for 5 days, with access to all basic features.
Business plan: €80 per web application, per day, with access to full functionality and advanced reports.
Enterprise plan: custom pricing depending on your specific needs.
For more info, visit our pricing page