Skip to main content

Introduction

When it comes to a field as critical as cybersecurity, it is always best to be aware of the ideal conditions that allow for systems to be as secure as possible and the issues associated with non-compliance. At Fluid Attacks, we recognize this, which is why we are committed to sharing our knowledge on the topic with our clients and the community. Using a reasonable and meticulous method, we have been building this information over the years and have compiled it into three categories, which we present in this section of our documentation, called Criteria.

In the first part, we provide a list in which we reference all the international security standards that we have filtered and condensed to construct our summary of requirements. In the second part, we present that list of security requirements that guide and determine the rigor of our tests. And finally, we exhibit an ever-evolving list of vulnerabilities, grouped according to CAPEC (Common Attack Pattern Enumeration and Classification), which supports our security assessments and analysis as a red team.

free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.