Create and delete groups
Last updated: Mar 30, 2026
Create a group
Role required: Organization Manager
Your organization is charged per group. Creating a new group and managing it is your organization's decision and responsibility.
On Fluid Attacks' platform, groups are projects that you create dedicated to your applications or software products to keep track of their security assessments and risk exposure separately.
To create a new group, go to your Groups, click on the New group button, and specify the characteristics of your new group in the pop-up window.
Here is a short description of each field:
-
Organization: The name of the organization in which the group is to be created
-
Group name: The name for your group, preferably something short and easy to remember
Group names should be four to 30 characters.
-
Target description: The description that may help identify the software development project to which that group is associated
Group descriptions should be 10 to 200 characters.
-
Target type: The kind of target to test, whether it is API, Desktop application, Mobile application, Web application, or Hybrid (web + mobile)
-
Target evaluation stage: The kind of environment to evaluate, whether it is a development, QA, pre-production, or production one (you can also select 'Other' and specify a different kind)
-
Specify evaluation stage: The custom kind of environment to evaluate, made available when selecting 'Other' in the previous field
-
Continuous Hacking subscription: The desired AppSec testing methodology, which can be one of the following:
- Essential: Continuous security testing and help in remediation are performed through Fluid Attacks' SAST, SCA, DAST, and CSPM only
- Advanced: Your team wishes Fluid Attacks to secure your software with the Essential plan features, plus AI SAST and pentesters' continuous security testing and help in understanding vulnerabilities
-
Report language: The language in which you would like your reports to be
When you are finished setting up your new group, you can click Confirm. The group is then added to your group table immediately, and you are all set to start working on this vulnerability management project.
Delete a group
Role required: Group Manager
This action will immediately delete the group. It will remove pertinent data for your organization, including key information on detected types of vulnerabilities. This is a destructive action and cannot be undone. Learn about the information Fluid Attacks keeps about the group by reading the page Data retention policy.
When your Continuous Hacking free trial or subscription expires, Fluid Attacks deletes your related group(s). The warning above also applies in this case.
When you determine that a particular group is no longer necessary, you can proceed to delete it. These are the steps to delete a group:
-
Go to the Scope section of the group in question.
-
Scroll all the way down until you see Delete this group. If you cannot locate it, this should mean that you do not have the Group Manager role in this group and thus lack the necessary permission.
-
Click on the Delete this group button.
-
A confirmation pop-up window appears in which you must type the name of the group you wish to delete and an observation about its deletion. You may also choose a reason for deletion (see the explanation for each option below). Click on the Confirm button to complete the deletion of the group.
You need to make sure that you want to proceed with the deletion of the group, as there is no way of retrieving information about your group after you complete it.
After this process is done, platform members who have Group alerts enabled receive an email informing them or the deletion.
Provide a reason for group deletion
Role required: Group Manager
When you want to delete a group, you can choose between different reasons for this action.
The following are the definitions of the reasons offered in the group deletion form:
- System will be deprecated: Development will not go on in the repository or repositories that make up the group.
- No more security testing: Your team does not require further testing of the system(s) associated with the group.
- Different security testing strategy: Your team decided to change the AppSec testing provider for the system(s) associated with the group.
- Group rename: The name of the group is to be changed to a more appropriate name for the project.
- Information will be moved to a different group: The scope in that group will be moved to another group either because it will be merged with another project or because the information in it needs to be restructured.
- Proof of concept over: The proof of concept has ended.
- Testing request cancelled: Your team wishes to cancel security testing of a group before its start.
- Created by mistake: Your team has created the group by accident.
- Other reason not mentioned here: Of the eight previous reasons, none apply to why your team is deleting the group.
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.