Manage a group's configuration | Fluid Attacks

Manage a group's configuration

Manage group information

Group information fields

You can find the information of the company and the group scrolling down the Scope section. The information is composed of seven fields.

Fields

  • Business Registration Number: DNI of the company.
  • Business Name: Legal name of the company.
  • Description: Specify the purpose of the group.
  • Report language: Language in which the group is created.
  • Sprint Length: If you use sprint as part of your work methodology. You have to specify the number of weeks of the duration of the sprint.
  • Sprint Start Date: The day my sprint starts.
  • Managed: Shows the current payment configuration of the group. This information is available to all Fluid Attacks' platform users but can only be modified by the Fluid Attacks team.

In Managed the configuration options are:

  1. Managed: The group is using another payment method than a credit card, and this method has already been validated.
  2. Not Managed: The group's payment method is credit card.
  3. Under review: When it is in this status, it is because of: No payments made, validation of the effectiveness of other payment methods or the free trial has expired. When is in under review, the group access is blocked.
  4. Free trial: Groups that are on a free trial period in the use of platform.

Remember that the information in the Business Registration Number and Business Name items helps us to generate the security testing certificates.

Edit group information

Role requirement info
Role required: User Manager
If you need to make a change in the information of these items, clicking on any of the fields will activate the edit action and you can make the necessary changes. To save these changes you have to click on Continue.

Continue

To confirm that the changes made were successful, you will receive a notification showing you how the fields currently look and your changes.

Note on group information edit permissionsNote: The Fluid Attacks staff roles that can edit these fields are Customer Manager and Admin.

Manage a group's information for context

Role requirement infoRole required: User, Vulnerability Manager or User Manager
It is essential to have information that gives context of the group, being useful both for the members that are part of the project and for the analysts. To see this information, you have to go to the Scope tab of the group you want to see and scroll down and look for Group context section.

Group Context

Remember that here you can put information such as: What does the group do and what is its purpose, if it is download or online use. If you want to update the information, you must click the edit button. There, you will have the facility to change or update the information.

Manage files shared with Fluid Attacks

Role requirement infoRole required: User, Vulnerability Manager or User Manager
In the Files section found in the Scope tab that you can see in the following image, you can upload and download any files that you find useful or necessary for performing penetration tests on the group.

File Section

You can add them by clicking on the Add button and then the following window will show up

Add File

Here you can look for the file that you want to upload, which must not exceed a size of 5GB, and also add a meaningful description for the usage or purpose of the added file. After this you can click on the Proceed button to upload the file or the Cancel button to dismiss it.

When you have uploaded a file successfully it will be added to the table and if you want to download it, you can click on it for the following window to show up

File Options

This way you can easily download or delete the file that you selected.

Manage group services

Role requirement info
A Fluid Attacks Customer Manager or Admin role is required.
Services shows how a group is configured. The data included are Subscription type, Service, and Plan (Essential/Advanced).

Services

  • Service: White and Black services.
  • Plan: Essential and Advanced.

The roles that have the flexibility to change the information in this section are Customer Manager or Admin.

To make these changes, you have to select which field you want to update, then click on the continue button.

Make Changes

Here you will get a pop-up window showing which fields have been modified and which remain the same. You also have to give observations and the name of the group where the change is being made. When you verify that everything is correct, click on the Confirm button.

Confirm

This way, you will be able to see the changes made successfully. You will also receive a notification in your email notifying you of the changes made.