Fluid Attacks News logo

News

Subscribe to Updates

Labels

  • All Posts
  • Fix
  • Announcement
  • Improvement
  • new

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • July 2019
Product Roadmap
In Review
VEX Support
new
In Progress
Azure integration
new
Container images analysis
new
PHP SAST Suppport
new
Platform redesign
new
CVSS 4.0 in our platform
new
5 years ago

Event Report

In previous days, we released a new feature that will allow analysts to report new events directly on Integrates using the “New Event” button:


image

When the analyst click the button, a pop-up will emerge, requesting the information about the event:

image

After the analyst enters the information and presses the “Proceed” button, Integrates will create a new event and send an email to all project managers.

The “Edit” button must be pressed and the affectation value must be edited to solve the event. The affectation is the number of hours that the project was affected by the event:


image

Finally, the “Update” button must be pressed. After refreshing, the event will appear with a “Solved” status:

image


Avatar of authorJuan
5 years ago

State for Resources

To keep track of the different resources a project needs, it is no longer possible to eliminate repositories. Instead, each of them will have a “state”. This * state * can be “Active” or “Inactive” ([optional] as explained below):

  • Active: The repository is available and ready for our hackers to access.
  • Inactive: The repository does not exist anymore, it was changed, or it was added by mistake.

Every time a repository is changed, a notification will be sent to all the people involved in the project (both Fluid Attacks’s and customer’s users).

Finally, the states can be changed by project users at any moment, and every change will be stored for future needs.


active_repo
Avatar of authorJuan
new
5 years ago

Deleting Findings and Vulnerabilities - Integrates

Sometimes, it is necessary that a finding or a vulnerability be removed from Integrates for different reasons. Nevertheless, deleting the information is not a good idea in the security world, and it is always important to keep track of these events.

This is why we don’t delete the findings or the vulnerabilities in Fluid Integrates. Instead, analysts can set any of them to a “Deleted” state.

A justification must be part of the process, and the possible values depend on the entity that the analyst wants to hide. The following options are valid for both findings and vulnerabilities:

  • It is a duplicate: The finding or vulnerability had been reported previously.
  • It is a false positive: After a review process, it was determined that the finding or vulnerability was not.

There is an option only for findings:

  • Finding not required: The report was made for a system that no longer exists or for a finished project.

And there is an option only for vulnerabilities:

  • Error when reporting: Given that a vulnerability cannot be edited, this option must be selected if you are going to report another vulnerability that corrects it.


delete_finding


Avatar of authorJuan
new
5 years ago

Integrates API Access

A few days ago, we launched a new feature that allows users to make requests directly to our GraphQL API. You can do this by using one of the following methods:

Browser method

1. Log in to https://integrates.fluidattacks.com

2. Open https://integrates.fluidattacks.com/api

3. Open the Settings using the upper-right button

4. Set a new value: "request.credentials": "include" and save the settings

5. Go to a new tab and make your queries

Note: This method uses the same session as the web application, which lasts for 40 minutes. After that, you need to log in to https://integrates.fluidattacks.com again and refresh the https://integrates.fluidattacks.com/api page.
If you want your session to last more than 40 minutes, you can use an API Token as shown below.

API Token method

1. Generate the API Token from the web application using the API option in the left panel:

2. Select an expiration date up to six months after the creation date:



3. After clicking the “Proceed” button, you will see a string labeled “Access Token”. This will be your API Token:


4. Store this token safely, as it is the only time you will see it. With it, you can do the same things that you usually do on the Integrates web application.

You can also generate the API Token using the next GraphQL mutation on https://integrates.fluidattacks.com/api, where expirationTime is a Unix Timestamp

mutation {
  updateAccessToken(expirationTime:1577854799) {
    sessionJwt
  }
}

You will get the API Token under the sessionJwt value:

Add a new Header in HTTP HEADERS with the name Authorization and the value Bearer , where is the token generated in the previous steps:

Done! Now you can make queries with the same API Token for up to six months (depending on the expirationTime you set earlier):

Resources

  • Available queries and mutations are shown in the right panel of the browser:

  • GraphQL documentation: https://graphql.org/learn/
Avatar of authorJuan
Fix
5 years ago

About Integrates findings issue on 2019-10-17

What happened

  • From 7:38 AM to 2:17 PM most of the findings in the projects were not loading, when they were accesed the screen appeared blank.
  • The above happened after enabling the functionality that allows users to add a BTS (Bug Tracking System) URL for any treatment (previously it was only possible for the treatment “In progress”).
  • Previously, when a finding treatment was changed, a Null value was stored in the database in the BTS URL attribute. When the previous change was enabled, the frontend tried to convert to string a Null value, resulting in an error.

What we have done

  • We implement a workaround to solve the error temporarily, parsing the Null value from the database to an empty string.
  • We remove all Null values in the database and improve the source code in order to prevent the insertion of new Null values.

What is the impact

The majority of findings (approximately 80%) in the projects were inaccessible during the period initially described.

What we are doing to help

We are improving the data structure that is stored in the database and preparing the frontend to recover more easily to the errors generated by the data provided by the backend.

Avatar of authorJuan
Fix
5 years ago

About login issues on 2019-10-08

What happened

From 6:11AM to 8:05AM users could not log in to the platform due to authentication issues.
A quick fix was implemented, but we experienced issues when trying to deploy it. The issues were related to:

  • The cluster losing one of its nodes and thus not having enough compute power to run the deployment pipeline.
  • Integrates previous deployment being stuck due to hard limit policies.

What we have done

We have:

  • Re-deployed Integrates in our cluster with the proper fix to the specific issue.
  • Increased the number of nodes in our Kubernetes cluster to improve performance.
  • Improved Integrates’s deploying rules to avoid future deployment errors

What is the impact

Failed login attempts to Integrates from 6:11AM to 8:05AM that resulted in users getting an error message saying that they did not have authorization to access the platform. 38 users were affected by this at the most.

What we are doing to help

We are improving our cluster’s capabilities of recovering from undesired states.

Avatar of authorJuan
new
5 years ago

Finding Report

In the coming days, we will release a new feature that will allow analysts to report new findings directly on Integrates using the “New Draft” button:

When you button click on the button, a pop-up will emerge, requesting the title of the finding:

The title will be automatically filled out with the finding's name when you enter text in the field:

When you click on the “Proceed” button, a new draft will appear and some fields will be filled out, based on the standardization sheet of the finding.

The new draft can be found in the “Drafts” table:

At this point, all the finding’s tabs are ready to be filled out, and a new “Submit” button will be available:

When the finding is ready to be reviewed, you must click the “Submit” button. This will email the Project Manager and Reviewers, who will check the finding following the same process as before:

Some observations:

  • You cannot submit a draft if it does not have evidence, severity, or vulnerabilities.
  • Only the author of the draft can submit it and make changes to a non-submitted draft.
Avatar of authorJuan
new
5 years ago

Sonar for our public repos

Hello everyone,

In the last days we’ve been considering the possibility of adding Sonar to the CI pipelines of our public repositories. Yesterday we managed to run the first set of analysis that can be seen here:

https://sonarcloud.io/organizations/fluidattacks/projects

Soon, we will start integrating this process to our CI’s in order to be able to:

  1. Break the build with Sonar.
  2. Get Sonar reports on both Gitlab and SonarCloud.
  3. Guarantee that our code follows best practices.

Greetings!

Avatar of authorJuan