Fluid Attacks News
Fix
3 years ago

About Machine emails 2022-03-01

What happened

  • In normal conditions, an email is sent to the users to let them know about a comment made by our team with the result of a requested re-attack. This applies to both Machine and Squad plans. Currently, we are working on giving more useful information in the comments for re-attacks performed by Machine. Due to an error in the logic, the comment was being made for every vulnerability found by Machine, whether it had a re-attack requested or not.

What we’ve done

  • We reverted the change that introduced this flaw into the code. We also stopped all Machine executions that were running with a version of the code which had the bug.

What’s the impact

  • Over 15,000 emails were sent to our customers whose code was analyzed by Machine before we detected the issue.
  • Some findings may have a lot of comments made by Machine.

What we are doing to help

  • We are going to review the bugged logic to fix it, and we are going to increase the test cases before deploying it to production.
  • We are going to track the added comments and delete them from the database, so the users' Consulting section is not full of useless comments.
Author: Juan
Fix
3 years ago

About availability Issue 2021-10-22

What happened

  • Due to a testing strategy implementation to reproduce production tests in local environments, a conflict in service ports resulted in a service outage.

What we’ve done

  • Reverted the commit that was causing the conflict.

What’s the impact

  • ARM was unavailable from 2021-10-22 16:11 until 2021-10-22 16:30 (19 min).

What we are doing to help

  • Pin production to a specific commit, not to the master branch, preventing rollout issues.
Author: Juan
Fix
3 years ago

About groups and agent Issues 2021-10-05

What happened

  • Due to a recent DB migration, some vulnerabilities were not loaded correctly because of an inconsistency in the migrated data.

What we’ve done

  • Improved ARM logic to prevent errors due to those inconsistencies.
  • Updated inconsistent data from backups.

What’s the impact

  • Accessing 40 groups in the ARM was intermittent from 2021-10-05 12M until 2021-10-05 16:40 (4.5 hours).

What we are doing to help

  • We are currently ensuring any further changes to our database have a full backup.
  • Continuous monitoring of data consistency.
Author: Juan
Fix
3 years ago

About availability Issues 2021-07-06

What happened

  • Due to a recent feature implementation in our authentication engine, we refactored some variables that conflicted with the ARM cache, preventing access to some Groups for a while.

What we’ve done

  • We immediately invalidated the faulty cache and fully restored access to the ARM.

What’s the impact

  • Accessing the ARM was not possible for a few minutes, between 12:05 and 12:24.

What we are doing to help

  • We are currently ensuring any further changes to our authentication engine are done in a safer and more spread out manner.
Author: Juan
Fix
4 years ago

About Performance Issues 2021-05-04

What happened

  • Due to a recent feature implementation in our AI engine, we launched a new job that made a very large set of parallel calls to our API, degrading its performance for a while.

What we’ve done

  • We immediately stopped the involved job and committed a first fix (https://gitlab.com/fluidattacks/product/-/commit/395ca6b2070382fcc76f764922520e5999836b65).

What’s the impact

  • Accessing the ARM was not possible for a few minutes.

What we are doing to help

  • We are currently ensuring we don't overload our API with lots of intermittent expensive calls and also optimizing how our AI engine communicates with the ASM.
Author: Juan
Fix
4 years ago

About Login Issues 2021-01-28

What happened

  • Due to a session management change (https://gitlab.com/fluidattacks/product/-/commit/1f67cd266283a8846ab8fc84ed761a3b89d2ff33), user cookies were deleted for the current session.

  • If a user signed in with an existing session, all cookies were deleted and an unauthorized error was propagated through all user sessions. The bug was injected on 2021/01/27 14:31 (EST).

What we’ve done

  • Now the cookies are not deleted; only a notification about concurrent sessions is given. (https://gitlab.com/fluidattacks/product/-/commit/b8600cc80d0b4fd5142a02c7f0d71b564f68bb25)

What the impact was

  • Users who tried to log in with existing sessions got an unauthorized error.

What we are doing to help

  • Check all user sessions to confirm if any user is affected.
Author: Juan
Fix
4 years ago

About Vulnerability Loading Issue 2020-12-17

What happened

  • Due to a large recent cache migration, we didn't anticipate how many new Redis connections would appear, so our connection limit parameter was not updated.
  • That caused some Redis connections not to reach the endpoint between 2020/12/17 13:30 (EST) and 2020/12/17 15:20 (EST).

What we’ve done

  • We found the right value for this parameter and committed the fix (https://gitlab.com/fluidattacks/product/-/commit/03730d0c95ddd84cde5771ed91560504518866fa).

What the impact was

  • Vulnerability loading for some big projects was not working.

What we are doing to help

  • We currently ensure that we properly adjust each existing parameter of our Redis instance for every incoming cache change.
Author: Juan
Fix
4 years ago

About Integrates Outage on 2020-12-03

What happened

  • We are currently working on migrating our backend to Starlette.
  • On 2020/12/03 at 17:15 (EST), our team removed old configurations from Django and the Kubernetes cluster. We didn't notice that the main redirection / was associated with Django.

What we’ve done

  • After the downtime notification, our team implemented a temporary fix moving the / redirection to the Kubernetes ingress. We recovered service on 2020/12/03 at 18:05 (EST).
  • We approved the final solution on 2020/12/03 at 18:19 (EST).

What the impact was

  • Users were unable to log in from 2020/12/03 17:46 until 2020/12/03 18:05.

What we are doing to help

  • We continue standardizing our backend to Starlette.
  • We continue debugging the process and making tests for all functionalities in search of unexpected path problems.
Author: Juan
Fix
4 years ago

Executive Reports

What happened

  • We are currently working on migrating our backend to Starlette.
  • On 2020/11/20 at 15:41 (EST), our team moved the package to the new backend. We expected this change would not affect anything, but on November 23 at 11:11 (EST), we noticed that the Executive reports weren’t generated because some paths didn’t match the new structure.

What we’ve done

  • After a debugging process, our team reproduced the issue at 11:20 (COT) on 2020/11/23.
  • We approved the solution on 2020/11/23 at 13:26 (COT).

What the impact was

  • Users were unable to generate reports in Integrates from 2020/11/20 until 2020/11/23 at 11:30.

What we are doing to help

  • We continue to standardize our backend to Starlette.
  • We continue to debug the process and make tests for all functionalities in search of unexpected path problems.
Author: Juan
Fix
4 years ago

Issues With Email Links

What happened

  • We are currently working on migrating our backend to Starlette.
  • We noticed that the emails sent between 2020/11/20 and 2020/11/23 redirected to an unauthorized view and closed the session. With this transition to Starlette, we use a new path with /new, which caused some functions to no longer be available on the old path.

What we’ve done

  • After a debugging process, our team identified the issue on 2020/11/20 at 18:10 (COT) and worked on the fix.
  • We deployed the solution on 2020/11/23 at 09:32 (EST).

What the impact was

  • Users could not use the links sent in emails that redirect to Integrates from 2020/11/20 until 2020/11/23 at 11:30 (EST).

What we are doing to help

  • We continue standardizing our backend to Starlette.
  • We continue debugging the process and making tests for all functionalities in search of unexpected path problems.
Author: Juan