See details of the reported vulnerabilities | Fluid Attacks Help

See details of the reported security vulnerabilities

After you have signed up on Fluid Attacks' platform and imported one or more Git repositories to test, you may begin to receive results of security tests in the platform.

Follow these steps on the platform to learn about the security vulnerabilities found in your software:
  1. Enter the group where security vulnerabilities are reported to enter its Injected section.

    Open the group vulnerabilities section in the Fluid Attacks platform

    You can immediately discover how many vulnerabilities per CVSS severity range there are for each type of vulnerability detected in your software and each type's Priority score.

  2. Click the downward-facing arrow next to the name of a type of vulnerability to see its description.

    View details of a type of vulnerability in the Fluid Attacks platform

  3. Click anywhere on the row containing the name to enter the Locations section. There, you see where precisely the vulnerability is located.

    View where the vulnerability is present on the Fluid Attacks platform

  4. Go to the Description tab to learn what security requirements may be associated with the vulnerability. You can also read the recommendations for fixing the code.

    See a vulnerability description and fix advice on the Fluid Attacks platform

Read See where vulnerabilities are and more details for a description of all the platform sections that give you information about the findings.

Having understood the vulnerability to be addressed, you can assign its remediation to a developer in your team.

If you are assigned the vulnerability you just explored, you can go ahead and fix the code.