Do you know that you can include our Agent in your Pipeline to make the verifications before deploying your product to production? In the scope tab of the ARM Platform, there is DevSecOps Agent, where you can generate new tokens or go directly to the documentation and install it.

We would love to hear about your experience with this ARM section: Has the agent been installed in your pipeline? If not yet, we warmly invite you to do so! Utilize this remarkable tool and witness its capabilities. If you have any questions, feel free to leave a comment here or send them to help@fluidattacks.com.

You can now enjoy the information on our website in Spanish. We aim to ensure that every visitor understands our offer without language barriers. Click on the following link https://fluidattacks.com/es/  and enjoy this new improvement.

Great news! You now have the option to add your credentials/secrets to your AWS environment. This will allow us to access your environment and detect any vulnerabilities in your infrastructure. Add them to the Scope -> Git Root -> Environments -> Cloud -> AWS option. 

Don't wait any longer; add your credentials/secrets now and keep your AWS environment safe from potential vulnerabilities. If you want to learn more, visit our official documentation. Stay up-to-date with all our announcements by subscribing to our News channel.

We are pleased to announce that you can now use GraphiQL 2, the latest version of the playground, where you can make API queries. In this version, you can continue to enjoy the previous version's features, such as documentation, a history of your most recent queries, and query prettifying, among others.

GraphiQL 2 features a more modern and visually appealing interface. Don't wait any longer! Visit our official documentation and start using this fantastic tool. We invite you to subscribe to our News channel to stay updated on all our announcements.

Do you already notice the new column added in our Locations section? This is called % Risk exposure, and it shows us the level of exposure (CVSSF) of each location individually, making it clearer which locations have the highest exposure/risk impact so that we can take preventive measures more effectively.

Remember that we are committed to improving our platform to continuously offer you an exceptional experience. Let us know what you think about this new column. Does it offer you valuable information? We love to read and respond to your requests, so we invite you to write to us at help@fluidattacks.com. Subscribe to our News channel; we publish weekly information of interest on our ARM platform.

In our constant commitment to providing you with the best experience on our ARM platform, we are pleased to announce that we have made a significant change. From now on, the tab formerly known as "Stakeholders" has been modified and renamed "Members." The main purpose of this change is to ensure that the functionality of this section is more accurately reflected.

Remember that this section can be found at the Organization and Group level. We invite you to access our official documentation to learn more about this section. As it is always important for us to know the opinion of our users, write us to help@fluidattacks.com if you have any questions or comments about this change.

We have recently improved our test certificates to make them more precise and concise. When reading them, you will see more explicit and concrete wording of the hacking service provided to the client. In addition, we have improved the content of the service results table, adding a new column that shows the number of accepted vulnerabilities according to their severity level.

This improvement will give customers a much clearer understanding of the work being provided to them. Remember that the role that can download these is the User Manager. Let us know what you think about this improvement by writing us in this post or writing to our mail help@fluidattacks.com

Our DevSecOps agent can break the build to force the remediation of vulnerabilities when strict mode is enabled. Still, when the strict way is disabled, the agent will only generate a warning. You can find a chart named Your commitment towards security, showing the number of builds you have deployed with strict mode enabled and how many are disabled. This can give you an idea of how committed you are to preventing vulnerable builds from reaching production.

Do you know the different types of events that can be reported on the ARM platform?  We invite you to access our official documentation, where you can learn about them and thus better understand the events that may take place in your projects. Remember that if you have any questions or feedback, please do not hesitate to contact our support team at help@fluidattacks.com. Also, we want to keep you updated on the features of our ARM platform; that is why we recommend you subscribe to our News channel so that you don’t miss any of our announcements.

We are pleased to announce that our new Severity column is now available in the Locations section. With this score, you can see the CVSS of each reported vulnerability individually, giving us more granular and independent information.

Let us know. Do you find this metric useful? Does it provide relevant information? Leave us your comments in this post, or you can email us at help@fluidattacks.com our support team is there to help you.