Getting Started
Overview
Fortworx is a vulnerability disclosure platform that helps organizations receive, triage, and respond to security reports from external researchers. This guide will help you get started with Fortworx and start running a vulnerability disclosure program.
In this guide, you will learn how to:
Your first Vulnerability Disclosure Program
Fortworx organizes accounts into Workspaces. You can think of a Workspace as an organization, a company or a team. Your first Workspace is automatically created when you sign up for Fortworx.
Each Workspace organizes the reports and settings for a specific VDP. Security researchers can report vulnerabilities to your Workspace by submitting a report via email or a web form.
Send a test report
Now that you have your first Workspace, you can send a test report to see how Fortworx works. Each Workspace has a unique email address, like foo@reports.fortworx.com. You can find this email address in the Workspace settings.
To test your first VDP, send an email to this email address. It doesn’t matter what the email contains, as long as it is sent to the correct email address.
Once the email is received by Fortworx, it will be processed, and you will see it on your Workspace dashboard.
Start receiving reports
You can now start receiving reports from security researchers. Simply advertise the email address on your website and you are ready to go.
You can also integrate a web form on your website to make it easier for researchers to submit reports. Fortworx provides a customizable web form that you can embed on your website. You can find the embed code in the Workspace settings. We will get into more details on how to do this in the next guide.