Do you want to see what ports of your application have vulnerabilities or if it's safe? This information is provided by Ports, which you can find in the third tab of the surface section. Thanks to this information, you will be able to see in a summarized form the status of your application, showing you in detail information such as the IP Address, when the vulnerability was detected, if it is still present in your analysis, etc.

You can enter here if you want to know more about this section. At Fluid Attacks, we work daily to increase the flexibility and practicality of our ARM platform. Remember that your opinion is important to us. We invite you to comment on this post or email us at help@fluidattacks.com.

With the new Temporary treatment alert notification, it will report the vulnerabilities with the temporarily accepted treatment having seven or fewer days to the end of this treatment, grouping in a single email the groups and you are, helping us to have follow-up and control of the vulnerabilities that you have assigned and thus to be able to give a solution before it expires.

We invite you to subscribe to our News channel, where we post information weekly on new features and improvements to our ARM platform.

Scope overview is the new metrics you can see in the Groups section in the ARM platform. Here you can see four boxes, the first two, Covered Authors and Repositories, show us the total number of authors and repositories active in the source code analysis.

Now Missed Authors and Repositories are the following two boxes which are the number of authors and repositories that are not included in the source code analysis. These repositories are evidenced through the Out of Scope section, which is part of Azure DevOps pat credentials. Thanks to these metrics, you can quickly visualize which repositories are not included in the analysis.

Do you know the new ARM section called Out of Scope? With this, you can add repositories that already have Azure DevOps PAT (Personal Access Token) credentials added. Here you can specify to which group will add the selected repository for source code analysis.

You can click here if you want to know how to add repositories. We invite you to leave us your opinion by writing us in the post or emailing at help@fluidattacks.com.

We are pleased to announce that you can now add Azure credentials in the scope section or Global credentials. You can find out which repositories are not being analyzed by looking at that information in the Out of Scope section. Thanks to this, you can specify what kind of credentials and repositories you want to be taken into your source code analysis.

You can enter here if you want to know more about this section. Let us know in your comments what you think about this improvement by writing us in the post or by emailing us at help@fluidattacks.com.

We are pleased to announce the new notification called Consulting digest, which will be announced in a daily report of the comments made in the consulting sections (at the group, event, and vulnerability levels). Thanks to this implementation, you will be able to receive an email compiling all this information, reducing your number of comments emails daily.

If you want to know more about the notification matrix, we invite you to follow this link and subscribe to our News channel.

On the ARM, it is possible to know how many vulnerabilities a specific user has accepted by Accepted vulnerabilities by user chart. To find it, scroll down the Analytics sections of your organizations, groups, or portfolios. Here you can see the users who have accepted the vulnerabilities either temporarily or permanently accepted. This information can help manage vulnerability treatments.

Remember that your opinion is important to us. We invite you to comment on this post or email us at help@fluidattacks.com and subscribe to our News channel.

Do you know what the information section located in the scope tab is? In this section, you can edit your information about the group. You can add or change information such as Language, Description, Business Registration Number, Business Name, Sprint Length, Sprint Start Date, and managed. Just click on the edit button, which will open the pop-up window where you can easily change these. We invite you to click here if you want to know more about this section.

We invite you to subscribe to our News channel, where we post information weekly on new features and improvements to our ARM platform.

Manipulating the data displayed in the Lines tab tables in the Surface section can be done by using the Columns filter. This helpful filter helps us to show or not to show specific columns that are not of significant importance based on the need. With a simple click on Columns, you can select the filters you want to use. Thanks to this feature, you can visualize the data you want in the table and make it visually easier to find information of interest.

At Fluid Attacks, we work daily to increase the flexibility and practicality of our platform. Remember that your opinion is important to us. We invite you to comment on this post or email us at help@fluidattacks.com.

Every day we are working to improve our users' Security Standards we are implementing in Fluid Attacks. The standard we want to talk about today is NIST 800-115 is an overview of the key elements of security testing. It directs organizations on planning and conducting technical information security testing, analyzing the findings, and developing remediation strategies.