Skip to main content


When it comes to a field as critical as cybersecurity, it is always best to be aware of the ideal conditions that allow for systems to be as secure as possible and the issues associated with non-compliance. At Fluid Attacks, we recognize this, which is why we are committed to sharing our knowledge on the topic with our clients and the community. Using a reasonable and meticulous method, we have been building this information over the years and have compiled it into three categories, which we present in this section of our documentation, called Criteria.

In the first part, we provide a list in which we reference all the international security standards that we have filtered and condensed to construct our summary of requirements. In the second part, we present that list of security requirements that guide and determine the rigor of our tests. And finally, we exhibit an ever-evolving list of vulnerabilities, grouped according to CAPEC (Common Attack Pattern Enumeration and Classification), which supports our security assessments and analysis as a red team.

free trial

Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.