Supported standards
Last updated: Mar 16, 2026
Supported
Fluid Attacks conducts security testing to verify your application’s adherence to requirements currently mapped to these standards:
- Agile Alliance
- BSIMM
- BIZEC APP
- BSA Framework for Secure Software
- CAPECâ„¢
- CASA
- C2M2
- CCPA
- CERT® C
- SEI CERT® Oracle® Secure Coding Standard for Java™
- CIS
- CMMC
- CPRA
- CWEâ„¢
- CWE Top 25
- ePrivacy Directive
- FACTA
- FCRA
- FedRAMP
- FERPA
- FISMA
- GDPR
- GLBA
- HIPAA
- HITRUST CSF
- ISA/IEC 62443
- ISO/IEC 27001
- ISO/IEC 27002
- ISSAF
- LGPD
- MITRE ATT&CK®
- MISRA C
- MVSP
- NERC CIP
- NIST SP 800-53
- NIST SP 800-63B
- NIST SP 800-115
- NIST SP 800-171
- NIST CSF
- NIST SSDF
- NYDFS Cybersecurity Regulation
- New York SHIELD Act
- OSSTMM 3
- OWASP API Security Top 10
- OWASP ASVS
- OWASP MASVS
- OWASP Mobile Top 10
- OWASP SAMM
- OWASP Secure Coding practices
- OWASP Top 10
- OWASP Top 10 for LLM applications
- OWASP Top 10 Privacy Risks
- PA-DSS
- PCI DSS
- PDPA
- PDPO
- POPIA
- PTES
- PURL
- Resolution SB-2021-2126
- SANS 25
- SIG Core
- SIG Lite
- SOC 2®
- SWIFT CSCF
- WASC
- WASSEC
Unsupported
Currently, Fluid Attacks has not mapped security requirements to these standards:
- 21 CFR
- APRA PPG 234
- AWS Foundational Technical Review (FTR)
- Catalog of Problematic Data Actions and Problems (PDAP)
- Cloud Controls Matrix (CCM)
- Cloud Security Alliance (CSA)
- DCID 6/3
- Digital Operational Resilience Act (DORA)
- DISA STIG
- DoD Instruction 8500.1
- DoD Instruction 8550.1
- Enduring Security Framework (ESF)
- European Directive 1995/46/EC (DPD)
- European Directive 2002/58/EC (e-PD)
- European Directive 2022/2555 (NIS2)
- European Regulation 2019/881 (Cybersecurity Act)
- European Regulation 2024/1689 (AI Act)
- European Regulation 2024/2847 (CRA)
- FFIEC
- FIPPA
- FS-ISAC
- ISO/IEC 27017
- ISO/IEC 27018
- ISO/IEC 27701
- Japan’s Personal Information Protection Act
- Massachusetts 201 CMR 17.00
- Microsoft SSPA
- MITS
- NIST IR 8397
- NIST SP 800-108 Rev. 1
- NIST SP 800-161 Rev. 1
- NIST SP 800-163 Rev. 1
- OCC
- OWASP Web Security Testing Guide
- PCI
- PIPED Act
- Privacy Act of 1974
- Safe Harbor
- Secure Supply Chain Consumption Framework (S2C2F)
- SOX
- SOX ITGC
- TISAX
- Transparency & Consent Framework (TCF)
- TCPA
- TSS-WEB
Search for vulnerabilities in your apps for free with Fluid Attacks’ automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan . If you prefer the Advanced plan, which includes the expertise of Fluid Attacks’ hacking team, fill out this contact form .