Fluid Attacks News logo

News

Subscribe to Updates

Labels

  • All Posts
  • Fix
  • Announcement
  • Improvement
  • new

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • July 2019
Product Roadmap
In Review
VEX Support
new
In Progress
Azure integration
new
Container images analysis
new
PHP SAST Suppport
new
Platform redesign
new
CVSS 4.0 in our platform
new
Improvement
4 years ago

Vulnerabilities Table

Now the vulnerabilities table is more descriptive.

You can filter, add, or remove columns and get all information about vulnerabilities in your group.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.

Avatar of authorJuan
new
4 years ago

Environments in Git Roots

We give more relevance to the most important thing in any app, the source code. Now environments are included in Git Roots.

All source code needs to be deployed in an environment; this is why you need to select a Git Root as the origin of the code deployed in a specific environment.

If you want to add or edit an environment, you need to select the git root associated with the URL.

Add the desired URL, and that's it.


Avatar of authorJuan
Fix
4 years ago

About Vulnerabilty Loading Issue 2020-12-17

What happened

  • Due to a large recent cache migration, we didn't figure out how many new Redis connections would appear, so our connection limit parameter was not updated.
  • That caused some Redis connections not to reach the endpoint between 2020/12/17 13:30 (EST) and 2020/12/17 15:20 (EST).

What we’ve done

  • We found the right value for this parameter and committed the fix (https://gitlab.com/fluidattacks/product/-/commit/03730d0c95ddd84cde5771ed91560504518866fa).

What the impact was

  • Vulnerability loading for some big projects was not working.

What we are doing to help

  • We currently ensure that we properly adjust each existing parameter of our Redis instance for every incoming cache change.
Avatar of authorJuan
new
4 years ago

Adding Exclusions

With the change of how we add repos to Integrates (https://news.fluidattacks.com/changing-the-way-of-add-and-edit-repositories-2BmptS) comes a new functionality to manage code exclusions or inclusions.

When you add a repo or edit one, and you want to exclude or include something from our analysis, add the full path to the file or folder you wish to exclude or include. Simple as that.



Avatar of authorJuan
Improvement
4 years ago

Simplifying Zero Risk Requests

Do you think that requesting a Zero Risk was awful? Now it is simple and easy.


ONE button, all options:

When you edit a vulnerability, you can choose all known options and the new Zero Risk treatment. That's it.

If you have any doubts about Zero Risk treatments, please visit https://news.fluidattacks.com/zero-risk-vulnerabilities-10A0dq.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.

Avatar of authorJuan
Fix
4 years ago

About Integrates Outage on 2020-12-03

What happened

  • We are currently working on migrating our backend through Starlette.
  • On 2020/12/03 at 17:15 (EST), our team removed old configurations from Django and Kubernetes cluster. We didn't notice that the main redirection / was associated with Django.

What we’ve done

  • After down notification, our team implemented a temporary fix moving / redirection to the Kubernetes ingress. We recovered service on 2020/12/03 at 18:05 (EST).
  • We approved the final solution on 2020/12/03 at 18:19 (EST).

What the impact was

  • Users were unable to log in from 2020/12/03 17:46 until 2020/12/03 18:05.

What we are doing to help

  • We continue standardizing our backend to Starlette.
  • We continue debugging the process and making tests for all functionalities in search of unexpected path problems.
Avatar of authorJuan
Improvement
4 years ago

Tracking Changes in Vulnerabilities

Keeping track of the vulnerabilities is very important. Now you can see everything that's happening with the vulnerabilities in one place.

The Integrates's tracking tab now includes information about treatments.

Tracking view

But what is a cycle? It's any change related to your vulnerabilities. If you have a new vulnerability or define a treatment, a new cycle will be created in the tracking view.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.

Avatar of authorJuan
Improvement
4 years ago

New Features in Your Inbox

We are launching a new system to keep our customers updated with all changes in Integrates. 

You can subscribe to the service to receive updates directly in your inbox.

You can do it through our news page news.fluidattacks.com or our news widget included in integrates.fluidattacks.com.

Also, you can leave reactions or comments to our feeds.


Avatar of authorJuan
Improvement
4 years ago

Changing the Way to Add and Edit Repositories

We know that repo and code management may be a headache. To keep this simple and organized, we released some changes in how our customers can add repositories to Integrates and introduced the possibility to edit some information.

In this release, you will find new fields, some questions to know your repo's status, and the possibility of defining filters to include or exclude folders from the analysis.

If you are planning to add new repositories or edit existing ones, you will see this menu.

In the URL field, you need to add an SSH cloning URL that you can find in your GIT system:

An important thing here is that you can ask for a repository health check directly from Integrates. You can do this at the time of the repository's creation or at any time after that.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.


 

Avatar of authorJuan
new
4 years ago

Accepting Vulnerabilities

The essential thing in Integrates is the vulnerabilities. That is why we were implementing some changes to give the vulnerabilities the relevance that they deserve. This is why now you can accept vulnerabilities one by one and define different treatments according to your product strategy.

To accept a vulnerability, go to the Vulnerabilities tab and click on the Edit button:

1.png

After that, select all the vulnerabilities for which you want to change the treatment:

4.png

Then, as usual, select the desired treatment and the person responsible for that treatment (if applicable); finally, provide the justification.

3.png

Now you can check the current treatment for each vulnerability in the vulnerabilities table.

Remember, all features are the product of a team effort. You can be part of it and contribute to creating a new feature by joining the Fluid Attacks Community or sending your comments to help@fluidattacks.com.

Avatar of authorJuan