--- other: private: false title: Help channel --- # Help channel import { Table } from "nextra/components"; The Help Channel serves as a communication bridge between Fluid Attacks and our clients. It is designed to address inquiries, concerns, and requests, including developer role changes and access permission modifications. This documentation outlines the key features and guidelines for utilizing the Help Channel effectively. ## Contact Information Email: [help@fluidattacks.com](mailto:help@fluidattacks.com) ## Confidentiality All communication through the Help Channel is treated as confidential information. The contents of the emails exchanged are accessible to authorized personnel within Fluid Attacks, ensuring security and confidentiality. ## Purpose The Help Channel facilitates various interactions, including but not limited to: 1. **Developer Role Changes:** Clients and authorized internal personnel can request changes to developer roles within applications. This includes adding, modifying, or revoking permissions for developers. 1. **Access Permission Modifications:** Requests to grant, modify, or revoke access permissions for developers to specific applications can be made through the Help Channel. All changes are executed following established procedures and authorizations. 1. **Inquiries and Concerns:** Clients can seek assistance, clarification, or resolution of any doubts, concerns, or issues related to Fluid Attacks' services, applications, or processes. Internal personnel can also use the channel for similar purposes. For a more detailed process please refer to Help Flow. ## Response Time Fluid Attacks is committed to providing timely responses to all inquiries and requests received through the Help Channel. Support engineers aim to address client and internal requests promptly, ensuring efficient processing. The initial response service-level agreement (SLA) is determined by the priority assigned according to the case's business impact. In all cases the maximum resolution time is 10 days. **Priority** **Response time** Low 3 hours Medium 2 hours High 1 hour

## Authorization For internal processes and actions involving developer roles and access permissions, proper authorization is essential. This ensures changes are made with appropriate approvals and compliance measures. ## Confirmation Process Here, we will delve into each stage, highlighting the essential tools we employ to ensure informed responses and effective solutions. ### Case Identification Every interaction begins with a thorough assessment of the case presented by our users. This initial step is crucial to comprehend the nature of the request or report and establish a robust foundation for subsequent analysis. In this identification process, several key tools play fundamental roles: 1. **Production Environment Testing:** Our central platform acts as the epicenter to replicate and validate actions, providing an environment for additional testing with real data. 1. **Local Environment Testing:** Running tests in locally controlled environments to reproduce issues, ensuring cases are reproducible before making changes in the production environment. 1. **Developer Console:** Integrated tools in browsers or development devices to inspect, debug, and analyze elements of the platform in real time. Recognizing the diversity of each situation, we carefully select tools that best fit the specific characteristics of the case: 1. [**GraphQL API**](https://graphql.org/)**:** The GraphQL API offers efficient queries to obtain specific details about groups, user membership status, and data related to findings and vulnerabilities, providing valuable information. It facilitates the confirmation of essential details to understand the nature of the request. 1. [**CloudWatch:**](https://aws.amazon.com/es/cloudwatch/) Enhances our monitoring and observability, allowing advanced log analysis to extract key information. Its Log Insights feature facilitates the collection and monitoring of logs, providing enhanced visibility and effective tracking. 1. **Mandrill:** Ensures the effective and reliable delivery of notifications by verifying message delivery to users. Additionally, it performs detailed delivery analysis, providing key information about opens, clicks, and potential issues, improving our understanding of email status. 1. [**Mixpanel:**](https://mixpanel.com/home/) Is an essential tool for a comprehensive understanding of user interaction with our platform. It acts as a guide to confirm the alignment of requests with existing functionalities, enabling continuous adjustments that enhance the user experience. 1. [**BugSnag**:](https://www.bugsnag.com/) Is essential to identify and confirm errors related to user requests. Its detailed reports not only reveal the nature and severity of errors but also allow us to trace their origin. 1. [**LogRocket:**](https://logrocket.com/) Serves as an invaluable tool in our quest to enhance user experience and swiftly address issues. This tool captures user interactions on our platform, providing detailed insights into user behavior. It acts as our observant companion, recording user sessions to assist in issue reproduction and analysis. 1. **Consulting With the Developer:** Direct Consultation with our developers is a strategic resource to address complex issues requiring technical understanding. It provides guidance and detailed solutions for cases needing a specialized technical approach. For more detailed information about the monitoring tools we use to ensure efficient service, click here. ### Final Determination With the information gathered through these specialized tools, we move into the final determination phase. Here, we assess the findings to categorize the request as a problem (**Bug**) requiring correction or as a new functionality (**Feature**). ### User Confirmation Upon completing the evaluation, we notify the user about the results obtained. If an error is confirmed, we create an issue labeled as **Bug** and assign it to a developer with expertise in the field. For functionality requests, we generate an issue labeled as **Feature**, assigned to the Head of Product. Refer to the governance section for detailed insights into these roles. If the case is confirmed as an incident or may become one in the future, the issue is assigned to the Incident Manager. For more information about this process, please refer to the Incidents section. ### Follow-up Recognizing the importance of transparency and ongoing communication, we offer our users a complete follow-up process. The requester has information on every step of the case, knows the link of the issue generated to solve the situation, communicates with the most knowledgeable staff on the matter on the request, and can reopen the case for any other need after it’s closed. ## Conclusion The Help Channel stands as a versatile tool for both client and internal interactions. Fluid Attacks maintains its commitment to secure, efficient, and confidential communication, using the channel to address a range of inquiries, requests, and concerns. The Help Channel continues to uphold the integrity of communication for both external clients and internal processes. ## Other transparency measures 1. [Complaint management ](https://help.fluidattacks.com/portal/en/kb/articles/complaint-management) 1. [Continuous Hacking to our technology](https://help.fluidattacks.com/portal/en/kb/articles/continuous-hacking-to-our-technology) 1. [Data leakage policy](https://help.fluidattacks.com/portal/en/kb/articles/data-leakage-policy) 1. [Ethics hotline](https://help.fluidattacks.com/portal/en/kb/articles/ethics-hotline) 1. [Incident management and resolution process ](https://help.fluidattacks.com/portal/en/kb/articles/incidents) 1. [Information security responsibility](https://help.fluidattacks.com/portal/en/kb/articles/information-security-responsibility) 1. [Open source](https://help.fluidattacks.com/portal/en/kb/articles/open-source) 1. [Quality policy](https://help.fluidattacks.com/portal/en/kb/articles/quality-policy) 1. [Status page ](https://help.fluidattacks.com/portal/en/kb/articles/status-page) 1. [Vulnerability releasing process](https://help.fluidattacks.com/portal/en/kb/articles/vulnerability-releasing-process)