Every day we work to improve the Security Standards we implement in Fluid Attacks. Today we want to tell you about the standard ISO/IEC 27001 provides requirements for an information security management system (ISMS).

Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details, or information entrusted by third parties. The version used in this section is ISO/IEC 27001:2022 - Annex A.

In the DevSecOps section, when you select an execution performed by our DevSecOps agent, you will see a pop-up window with details about that execution. In the Summary table, you have Columns filter, which allows you to select the available columns you want to be displayed and which you wish to be hidden in the table.

At Fluid Attacks, we work daily to increase the flexibility and practicality of our platform. Remember that your opinion is important to us. We invite you to comment on this post or email us at help@fluidattacks.com.

Knowing the number of your repositories plus branches on which our DevSecOps agent has been executed is possible thanks to the Repositories and branches metric on the ARM platform. You can find this information in the Analytics section of your groups. 

If you want to know how to implement the agent in your pipeline, we invite you to access the official documentation. Also, if you want to know more about the Analytics section, you can enter here.

Do you know the standard Minimum Viable Secure Product (MVSP)? It is a cybersecurity checklist baseline that lists controls to ensure minimally viable security posture of a product.

We work daily to improve the Security Standards we implement in Fluid Attacks. Remember, you can find this and other standards we are applying in the Compliance section of our Documentation.

Do you know that you can include our Agent in your Pipeline to make the verifications before deploying your product to production? In the scope tab of the ARM Platform, there is DevSecOps Agent, where you can generate new tokens or go directly to the documentation and install it.

We would love to hear about your experience with this ARM section: Has the agent been installed in your pipeline? If not yet, we warmly invite you to do so! Utilize this remarkable tool and witness its capabilities. If you have any questions, feel free to leave a comment here or send them to help@fluidattacks.com.

You can now enjoy the information on our website in Spanish. We aim to ensure that every visitor understands our offer without language barriers. Click on the following link https://fluidattacks.com/es/  and enjoy this new improvement.

Great news! You now have the option to add your credentials/secrets to your AWS environment. This will allow us to access your environment and detect any vulnerabilities in your infrastructure. Add them to the Scope -> Git Root -> Environments -> Cloud -> AWS option. 

Don't wait any longer; add your credentials/secrets now and keep your AWS environment safe from potential vulnerabilities. If you want to learn more, visit our official documentation. Stay up-to-date with all our announcements by subscribing to our News channel.

Our DevSecOps agent can break the build to force the remediation of vulnerabilities when strict mode is enabled. Still, when the strict way is disabled, the agent will only generate a warning. You can find a chart named Your commitment towards security, showing the number of builds you have deployed with strict mode enabled and how many are disabled. This can give you an idea of how committed you are to preventing vulnerable builds from reaching production.

Do you know the different types of events that can be reported on the ARM platform?  We invite you to access our official documentation, where you can learn about them and thus better understand the events that may take place in your projects. Remember that if you have any questions or feedback, please do not hesitate to contact our support team at help@fluidattacks.com. Also, we want to keep you updated on the features of our ARM platform; that is why we recommend you subscribe to our News channel so that you don’t miss any of our announcements.

Do you know the Temporal acceptance: maximum number of assignments for a single vulnerability policy? This policy helps us define how many times I can request a temporarily accepted for the same vulnerability.

If you want to know more about the Policies of our ARM Platform, we invite you to click here.  We also invite you to subscribe to our News Channel and do not miss the weekly announcements.