Fluid Attacks News logo

News

Subscribe to Updates

Labels

  • All Posts
  • Fix
  • Announcement
  • Improvement
  • new

Jump to Month

  • June 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • July 2019
Improvement
4 years ago

New Comment Component

In the last few days, we changed our comment component.

We did this, intending always to use secure and up-to-date components.

While for us, it implied a significant change at the platform level, for you, it is only a visual change.

We hope this change is to your liking, and we will be attentive to our support channel help@fluidattacks.com for any questions that may arise.

Avatar of authorJuan
Improvement
4 years ago

GIT Roots and Vulnerabilities

As part of our evolution towards having more control over the information published in our app, it is now possible to know which vulnerabilities belong to each repository.

This is the first step into a new world of possibilities. For now, the only control implemented is that only GIT Roots that do not have vulnerabilities linked to them can be deactivated.

If you see this error, don't worry. It means that the GIT Root you are trying to deactivate has vulnerabilities linked to it.

In order to deactivate it, close or eternally accept these vulnerabilities.

We will be adding more controls and use cases in the coming weeks, so stay alert for upcoming announcements.

Avatar of authorJuan
Improvement
4 years ago

Root Deactivation

Tracking the source code and why any portion of the software is excluded from Fluid Attacks analysis should be major issues in group management.

Therefore, if you are going to deactivate a GIT Root, you must declare why you are going to do so.

For now, the options are the following:

  • Out of scope
  • Registered by mistake

But we are going to add more options in the coming weeks.

Avatar of authorJuan
Improvement
4 years ago

New Presentation of Vulnerability Info

A few months ago, we referred to a new model that we added to present information about vulnerabilities. In this case, we have improved this presentation by simply adjusting the texts in two columns for your convenience.

 

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.

Avatar of authorFelipe Ruiz
Improvement
4 years ago

Disabling Git Roots

Please pay attention to the following:

From now on, to disable git roots in our Attack Resistance Management, it is necessary that you assume/accept or close/remediate all vulnerabilities associated with those roots. Remember, if you don't do this, you will not be able to disable them.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.

Avatar of authorFelipe Ruiz
Improvement
4 years ago

New CVSS View

Hi there,

Not everything is vulnerabilities, risk assessment, or reattacks. There is always a place for other improvements.

It is my pleasure to announce the new way to represent the CVSS v3.1 score.

Now every metric of the score is represented by an icon helping to understand each of them.

Please check your vulnerabilities, and if you have any doubt, don't hesitate to contact us.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.


Avatar of authorJuan
new
4 years ago

New URL *ACTION REQUIRED*

Our team is continuously working to provide you with a better experience. 

From April 15th, you will be able to access our Attack Resistance Management (formerly called Integrates) through the following URL: http://app.fluidattacks.com/.

We recommend that you bookmark this updated URL for your convenience, as the current URL (https://integrates.fluidattacks.com/) will stop working from the announced date.

Additionally, please be aware that the API's URL will change from integrates.fluidattacks.com/api to http://app.fluidattacks.com/api.

Avatar of authorJuan
new
4 years ago

Date Filter

Have data available for making decisions is the dream of any manager. But always, a context is needed. We know that, and that is why in one of our recent deployments, we add a time filter option for these three graphics:

  • Vulnerabilities over the time
  • Mean time to remediate (all vulnerabilities)
  • Mean time to remediate (non treated vulnerabilities)


You can select one of the defined filters:

  • All data
  • Last 90 days
  • Last 30 days

This is useful to evaluate the team effort in specified dates.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.



Avatar of authorJuan
new
4 years ago

DevSecOps Agent Token

Security and UX don't always go hand in hand, but it is one of our main goals to keep it together as possible.

A few days ago, we deployed a new DevSecOps agent version that improves its predecessor's stability, performance and usability. This new version comes with some changes to how the agent is going used.

Now, in our ARM scope section (Organization>Groups>GroupName>Scope), you will find DevSecOps Agent Token section. 

Where you can copy required token to execute DevSecOps Agent.

Only group managers could view and copy the token, so if you need to get the token, please contact them.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.

Avatar of authorJuan
Improvement
4 years ago

Vulnerabilities Treatment Edition

Manage vulnerabilities could be confusing and complicated. Our team is committed to easing our customer's processes.

Simplifying treatment management, we add a new tab to the vulnerability details menu, in which you can change vulnerability treatment, define tags, or custom criticality level.

All features are the product of a team effort. You can be part of it and contribute by leaving your comments here in this post or sending them to help@fluidattacks.com.

Avatar of authorJuan