Did you know you can see what data was exfiltrated when our hackers exploited a vulnerability found in your system? You can find this out by visiting the Records subsection that you find after you select the type of vulnerability you want to explore. Thanks to this information, you can clearly understand what this vulnerability allows attackers to achieve.

 Leave us your opinion in the comments of this section, or you can write to us at help@fluidattacks.com. Don't forget to subscribe to our News channel so that you don't miss any of our announcements.

It is available in our executive report of our ARM, the scope section, which shows you data about your group's roots, helping you to get a clear picture of the inputs for assessment.

If you want to know how to download reports click here. We invite you not to miss our weekly announcements by subscribing to our News channel.

We are excited to announce the security standards we apply in Fluid Attacks. This standard is the OWASP Mobile Application Security Verification Standard (OWASP MASVS) is a standard for mobile app security. It is used by mobile software architects and developers seeking to develop secure mobile applications, as well as security testers, to ensure completeness and consistency of test results.

The version used in this section is OWASP MASVS v1.4.2. Let us know what you think of this standard by emailing us at help@fluidattacks.com. If you want to know more about this standard or others that we are applying to, we invite you to visit the Compliance section of our documentation.

Do you want to know what languages you use in your repositories and what percentage? It is very easy! You have to go to Organization -> Group -> Surface -> Languages; there, you will find a table that will give you this information, where you can see the language, how many lines of code, and its percentage of use.

If you want to know more about the Surface section, click here. Let us know what you think about this new languages section by leaving a comment in the post or writing us at help@fluidattacks.com.

We are pleased to announce our new graph called Aggregated exposure benchmark, which shows my risk exposure level (CVSSF) compared to the best, average, and worst organizations, groups, or portfolios. Thanks to this new metric, you can compare your risk level and take action plans to lower this score.

You can find this graph in our three analytics sections. We invite you to enter here if you want to know more about this section. Don't forget to subscribe to our News channel, so you don't miss any announcements.

With our great graphic Open exposure by groups, you can see the total exposure  that open vulnerabilities represents for each of the groups you manage, according to our CVSSF metric. This chart helps you establish comparisons and know which groups have higher cumulative exposure to prioritize them and better organize your work to remediate open vulnerabilities.

You can find this chart in the Analytics sections of your organizations and portfolios. Don't forget to subscribe to our News channel.

Each table on the ARM has a Filters option, which optimizes your search experience. The table in the DevSecOps section is not exception. You will find the following filter options, which will let you find what you need regarding details of our agent's execution in your pipeline.

Feel free to use this awesome tool! Don’t forget to subscribe to our News channel so that you don't miss any of the news we post every week.

We are pleased to announce our new feature called Vulnerabilities download, which will download all of your organization's vulnerabilities in a .CSV file. To download this file go to Organization -> Analytics; there, you will find the vulnerabilities button; click on it to download the file; click here for more information.

Thanks to this ARM feature, you can analyze all the vulnerabilities found at the organization level and use this data for your convenience. Subscribe to our News channel, so you don't miss any weekly publications.

Every day we are working to improve our Security Standards we are implementing in Fluid Attacks. Today we want to tell you about the standard Common Weakness Enumeration Top 25 (CWE Top 25) is a demonstrative list and valuable community resource of the most common and impactful issues experienced over the previous two calendar years. 

It can help developers, testers and users to provide insight into the most severe and current security weaknesses. The version used in this section is CWE Top 25 2022. Remember, if you want to know more about this standard or others we are applying to, we invite you to enter the Compliance section of our documentation.

If you are a user manager on the ARM, you can manage in the Stakeholders section which persons take part in your group. To invite someone, just click the Add button. A pop-up window will appear, asking you to provide the email, role and responsibilities of the person you wish to add.

If you want to know more about this section of the ARM, we invite you to click here. Remember that your opinion is important to us. We invite you to comment on this post or email us at help@fluidattacks.com.