Nucleus Security
How does Fluid Attacks' solution compare to Nucleus's? The following
comparison table enables you to discern the performance of both providers across various attributes essential
for meeting your company's cybersecurity needs. To better understand each attribute, read their descriptions in the
dedicated page.
Organization
|
Attribute
|
Essential
|
Advanced
|
Nucleus
|
|
Focus
|
|||
|
Extras
|
None
|
None
|
None
|
|
Headcount
|
|||
|
Headcount distribution
|
|||
|
Headcount growth
|
|||
|
Headquarters
|
|||
|
Countries
|
|||
|
Reputation
|
Same
|
||
|
Followers
|
Same
|
||
|
Research firms
|
None
|
None
|
|
|
Founded
|
2001 | ||
|
Funding
|
Bootstrapped
|
Same
|
$36.4M
USD in 4 rounds from 4 investors
|
|
Acquisitions
|
None
|
None
|
None
|
|
Revenue
|
|||
|
CVE
|
257 CVEs
reported to
MITRE, ranked in the top 10
CVE labs
worldwide
|
0 CVEs reported to MITRE
|
|
|
Compliance
|
FedRAMP Authorized and SOC2 Type II | ||
|
Bug bounty
|
|||
|
Visits
|
|||
|
Authority
|
|||
|
Vulnerability
database
|
|||
|
Content
|
Same
|
||
|
Knowledge
base
|
13 KB sections, 3
in common and 10 additional
|
||
|
Community
|
No
|
||
|
Sync
training
|
1 workshop
|
No
|
|
|
Async
training
|
No
|
||
|
Distribution
|
Same
|
||
| Marketplaces | AWS and GCP | ||
|
Freemium
|
No
|
No
|
No
|
|
Free trial
|
|||
|
Demo
|
|||
|
Open Demo
|
No
|
No
|
No
|
|
Pricing
|
|||
|
Pricing
tiers
|
1 plan
|
1 plan
|
No plans
|
|
Minimum
term
|
|||
|
Minimum payment
period
|
|||
|
Minimum
capabilities
|
|||
|
Minimum scope
|
1 group
|
1 author
|
No information available
|
|
Pricing drivers
|
|||
|
Minimum monthly payment
|
No information available
|
Service
|
Attribute
|
Essential
|
Advanced
|
Nucleus
|
|
PTaaS
|
No
|
No
|
|
|
Reverse engineering
|
No
|
No | |
|
Secure code review
|
No
|
No
|
|
|
Pivoting
|
No
|
No
|
|
|
Exploitation
|
No
|
No
|
|
|
Manual reattacks
|
Not applicable
|
Not applicable
|
|
|
Zero-day
vulnerabilities
|
None
|
Continuous zero-day vulnerability research
|
None
|
|
SLA
|
Response | ||
|
Min availability
|
>=99.95% per minute LTM
|
No information available
|
|
|
After-sale guarantees
|
No
|
Yes
|
|
|
Accreditations
|
None
|
||
|
Hacker certifications
|
Not
applicable
|
Not applicable
|
|
|
Type of contract
|
Employee
|
Same
|
|
|
Endpoint control
|
Not applicable
|
Total
|
Not applicable
|
|
Channel control
|
Not applicable
|
Total
|
Not applicable
|
|
Standards
|
Some
requirements
from 67 standards, 4 in
common and 63 additional
|
All requirements from
the same standards
|
4 standards, all in common
|
|
Detection method
|
Automated
tools and AI
|
||
|
Remediation
|
5, 2 in common and 3
additional
|
Same, plus 1
|
2, all in common
|
|
Outputs
|
5, 2 in common and
3 additional
|
Same,
plus 2
|
4, 2 in common and 2
additional
|
Product
|
Attribute
|
Essential |
Advanced
|
Nucleus
|
|
ASPM
|
No
|
||
|
API
|
|||
|
IDE
|
Same, plus 1
functionality
|
No
|
|
|
CLI
|
No
|
||
|
CI/CD
|
Does not breaks the build
|
||
|
Vulnerability sources
|
4 sources
|
None
|
|
|
Threat model alignment
|
No
|
||
|
Priority criteria
|
Same
|
||
|
Custom prioritization
|
|||
|
Scanner origin
|
None
|
||
|
SCA
|
No
|
||
|
AI security
|
No
|
No
|
|
|
Reachability
|
12 languages
|
No
|
|
|
Reachability
type
|
Same
|
No
|
|
|
SBOM
|
No
|
||
|
Malware
detection
|
Yes
|
Yes
|
No
|
|
Autofix on components
|
No
|
No
|
No
|
|
Containers
|
No
|
||
|
Source
SAST
(languages)
|
No
|
||
|
Source
SAST
(frameworks)
|
No |
||
|
Custom rules
|
No
|
No
|
No
|
|
IaC
|
No
|
||
|
Binary SAST
|
1 type
of binary
|
Same, plus 2 types of
binaries
|
No
|
|
DAST
|
No |
||
|
API security testing
|
No
|
No
|
|
|
IAST
|
No
|
No
|
No
|
|
CSPM
|
Yes |
No
|
|
|
ASM
|
No
|
No
|
No
|
|
Secrets
|
Same, plus verify other attack
vectors and secrets
exploitability
|
No
|
|
|
AI
|
3 functions,
1 in common
and 2 additional
|
2 functions, 1 in common
and 1 additional
|
|
|
MCP
|
|||
|
Open-source
|
Not applicable
|
No
|
|
|
Provisioning as Code
|
No
|
||
|
Deployment
|
|||
| Regions | |||
|
Status
|
|||
|
Incidents
|
Integrations
|
Attribute
|
Essential
|
Advanced
|
Nucleus
|
|
SCM
|
6,
3 in
common and 3 additional
|
3, all in
common
|
|
|
Binary repositories
|
None
|
None
|
None
|
|
Ticketing
|
3, all in
common
|
9, 3 in common and 6 additional |
|
|
ChatOps
|
None |
None
|
|
|
IDE
|
None |
||
|
CI/CD
|
21, 4 in common and 17 additional
|
5, 4 in common and 1 additional
|
|
|
SCA
|
|||
|
Container
|
|||
|
SAST
|
|||
|
DAST
|
|||
|
IAST
|
None |
None
|
None
|
|
Cloud
|
None
|
||
|
CSPM
|
8 | ||
|
Secrets
|
|||
|
Remediation
|
None
|
None
|
None
|
|
Bug bounty
|
None
|
None
|
|
|
Vulnerability
management
|
None
|
None
|
None
|
|
Compliance
|
None
|
None
|
None
|
References were last checked on Oct 30, 2025.
Free trial
Search for vulnerabilities in your apps for free with Fluid
Attacks' automated security testing! Start your 21-day free
trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the
Advanced plan,
which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.