Vulnerability Alert will notify users when a new vulnerability is detected or if it has been remediated. Thanks to this notification, you will be able to quickly identify the risks that your organization is facing, promptly address them, or recognize the risks that have just been mitigated..

If you want to know how to activate all the notifications we manage on our platform, we invite you to review the notification matrix that you can find in the User information drop-down menu. 

Every day, we work to enhance our Security Standards at Fluid Attacks. Today, we would like to inform you about the NIST 800-63B standard. It is a digital identity guideline that provides recommendations on types of authentication processes that may be used at various Authentication Assurance Levels (AALs).

It plays a crucial role in ensuring the secure digital authentication of subjects to systems across network environments. Please remember that if you would like to learn more about this standard or others that we are implementing, we invite you to visit the Compliance section of our documentation.

This metric shows us the types of open vulnerabilities and their severity level according to the exposure severity level of our CVSSF metric, the number of Vulnerabilities, according to what type of Code, infra, and app.

This chart is found in the Organization, Group, and Portfolio sections. Let us know what you think about this chart by writing to us in this post or emailing us at help@fluidattacks.com. We invite you not to miss our weekly announcements on our News channel.

The OWASP ASVS project establishes an essential standard for evaluating technical security controls in web applications and provides developers with a list of requirements for secure development.

The version used in this section is OWASP-ASVS v4.0.3. You can find this and other standards we are applying in the Compliance section of our Documentation.

Checking the status of assigned vulnerabilities is now possible! With our assigned vulnerabilities status chart, you can easily view the status (Open or Closed) of all vulnerabilities based on their assignment.

You can find this graphic in Org, Groups, and Portfolio. To make sure you don't miss any of these announcements, we invite you to subscribe to our News channel.

You have the flexibility to Deactivate a Git Root on the scope section. When that happens, you will receive an email titled Root Deactivated, which will tell you what root has been deactivated, giving you information about which user did it and the reason for it.

If you want to learn more about our Matrix of notifications, click here. We invite you to subscribe to our News channel to stay updated on all the improvements and new features on the platform.

How about having a chart that provides you with the average time it takes for your team to remediate vulnerabilities according to their severity? Thanks to the Mean Time To Remediate (MTTR) by CVSS severity bar chart, you can have these averages in days for critical, high, medium and low severity levels. 

Remember that you can find this chart in the Analytics section for your organizations, groups and portfolios. At Fluid Attacks, we always hope to help you better manage vulnerabilities so that you can achieve prompt remediation.

The filters in the Vulnerabilities section are an excellent tool for streamlining the search for data of your utmost interest. They allow you to focus on vulnerabilities that matter most to you, with nine options, including Location, Type, Status, and others.

Remember to use this powerful tool to save time and obtain effective results. Remember to subscribe to our News channel to stay updated on all our announcements!

Our commitment is rooted in the implementation of best practices and adherence to stringent cybersecurity standards. Today, we delve into the significance of PCI DSS, the global data security standard adopted by payment card brands for all entities that process, store, or transmit cardholder data and sensitive authentication data.

The version used in this section is PCI DSS v4.0, March 2022. You can find this and other standards we are applying in the Compliance section of our Documentation.

Do you know the functionalities offered by the Vulnerabilities section? In total, we have four of them: 

• 
  Columns filter: This allows you to filter the columns in the table to customize the information displayed.
• Filters: filter the columns in the table to customize the information displayed.
• Generate report: Allows to generate reports (technical or executive) with the data.
• Search bar: Provides a search bar to find specific information quickly and efficiently.