Data transmission
Last updated: Apr 14, 2026
Here is how we reduce information leakage when sending data to our clients.
Secure information-sharing system
We use an information-sharing system with DLP (data loss prevention) when sending sensitive information to our clients. This includes contracts, portfolios, and other confidential documents. Further, Fluid Attacks' platform offers a feature that allows clients to securely upload files that may be helpful or necessary to perform security testing.
Onion routing
The Fluid Attacks domain supports onion routing, which enhances user privacy and enables more fine-grained protection.
Watermarked reports
Every report that is downloaded via our platform comes with a watermark on all pages, specifying that only the individual who generated it is allowed to read it. This is used as a measure to identify who generated the report in the first place and discourage its distribution through channels other than our platform.
Requirements
- 032. Avoid session ID leakages
- 045. Remove metadata when sharing files
- 132. Passphrases with at least 4 words
- 261. Avoid exposing sensitive information
- 300. Mask sensitive data
Other privacy measures
Project pseudonymization
Fluid Attacks assigns pseudonyms to all projects so that employees without direct access cannot identify the client behind a project in internal systems.
Unsubscribe email
Fluid Attacks lets users unsubscribe from commercial and informative emails to stop receiving messages, in compliance with the right to withdraw consent.