See details of the reported security vulnerabilities | Fluid Attacks

See details of the reported security vulnerabilities

After you have signed up on Fluid Attacks' platform and imported one or more Git repositories to test, you may begin to receive results of security tests in the platform.

Follow these steps on the platform to learn about the security vulnerabilities found in your software:

  1. Enter the group where security vulnerabilities are reported to enter its Vulnerabilities section.

    Open the group vulnerabilities section in the Fluid Attacks platform

    You can immediately find out the severity (CVSS score) of the vulnerabilities, and the percentage of risk exposure associated with them out of all the reported risk exposure.

  2. Click the downward-facing arrow next to the name of a type of vulnerability to see its description.

    View details of a type of vulnerability in the Fluid Attacks platform

  3. Click anywhere on the row containing the name to enter the Locations section. There, you see where precisely the vulnerability is located.

    View where the vulnerability is present on the Fluid Attacks platform

  4. Go to the Description tab to learn what security requirements may be associated with the vulnerability. You can also read the recommendations to fix the code.

    See vulnerability description and fix advice on the Fluid Attacks platform

Read the Vulnerabilities page and its subpages for a detailed description of all the platform sections that give you information about the findings.

Having understood the vulnerability to be addressed, you can assign its remediation to a developer in your team.

If you are assigned the vulnerability you just explored, you can go ahead and fix the code.