Introduction to Fluid Attacks' AI tool
Artificial intelligence (AI) is revolutionizing various fields by providing tools that augment human capabilities. Fluid Attacks leverages the power of AI to enhance the value it delivers to its customers. Specifically, AI enables Fluid Attacks' hacking team to start reporting vulnerabilities in your applications earlier than otherwise and allows the creation of software features to automatically provide fix suggestions. File prioritization with Sorts
Fluid Attacks has developed an AI-powered tool called Sorts. This tool assists in identifying the likelihoods of files within a Git repository to contain security vulnerabilities, so that they can be prioritized for manual security testing. Sorts achieves this by analyzing information about vulnerable files on Fluid Attacks' platform and employing machine learning to train an ever-evolving model that predicts the vulnerability probability of files.
Ways to utilize Sorts
Fluid Attacks' Sorts can be used in two ways:
- Integrated with the Advanced plan: When you subscribe to the Advanced plan of Fluid Attacks' Continuous Hacking, a certified hacking team utilizes Sorts to expedite the vulnerability discovery process. This is particularly beneficial for the inspection of repositories containing hundreds or thousands of files, as Sorts helps prioritize assessment efforts.
- As a free and open-source standalone tool: This option allows you to use Sorts as a command-line interface (CLI) tool analyze your source code repository and generate a report in your preferred format (JSON or CSV), or configure the tool to run in your CI/CD pipeline. Detailed instructions can be found in the guide Configure and use Sorts on your own.