Implemented

🎓 Enterprise-grade security and compliance certifications: Fluid Attacks obtained ISO/IEC 27001:2022 and ISO/IEC 27701:2019 certification, controls aligned with ISO/IEC 27017:2015 and ISO/IEC 27018:2019, a SOC 2 Type II attestation and SOC 3 report, PCI DSS v.4.0.1 validation, and measures designed to support GDPR compliance.

🪽 Migrate platform authentication to Auth0: We replaced in-house Google, Microsoft, and Bitbucket authentication flows with Auth0, removing the need for one-time passwords (OTPs) to log in to the platform and generate reports, thereby providing a simpler authentication experience.

⚙️ Two new subprocessors: As part of the previous implementation, we now use Auth0 as a subprocessor to manage user identities, ensure secure logins and token-based access control, and store user profiles and credentials. In addition, we use the AI-powered platform Iru, which unifies identity and access management, endpoint security and management, and compliance automation.

Upcoming

🌳 SCA Autofix from VS Code and IntelliJ extensions.

🔡 Support for Rust as a new language, with full coverage: vulnerability detection, package managers, reachability, and fixes.

🎯Accuracy SLA on the platform for Advanced plan customers.

✌🏼 Two new security testing techniques: Secret scanning and DAST API.

⚠️ Fluid Attacks call notice ⚠️

Our education specialists may be calling your team members to offer onboarding and adoption support for new features on our platform. This is a reliable procedure in which we will never seek to discuss your software's vulnerabilities. However, if you have any questions, please contact us at help@fluidattacks.com.

✨ Have 10-15 minutes to spare? ✨

Share your opinions on our AppSec solution on Gartner Peer Insights and earn a $25 gift card! Your feedback helps others make informed decisions and shapes the future of application security. Just follow this link! Remember, your review can also be in Spanish.