Verify fixes with reattacks | Fluid Attacks Help

Verify fixes with reattacks

Request a reattack

Role requirement info
Role required: User, Vulnerability Manager or User Manager
Note on syncing before reattacks
Note: Before requesting a reattack, make sure you have synced the fixed software version to the platform.
When you have fixed your code or service configuration to address a reported vulnerability, you can request a reattack to validate the effectiveness of your effort. Reattacks are retests performed by Fluid Attacks' tool and hacking team (the latter are available exclusively in the Advanced plan).

Reattack requests can be sent from Fluid Attacks' platform in the Locations and To do sections. But you can also send them from Jira Cloud and VS Code thanks to Fluid Attacks' integrations. This page is dedicated to sending reattack requests from the platform. These are the steps to do it from Locations:

  1. Go to the intended group's Vulnerabilities section and choose the type of vulnerability in question.

    Select type of vulnerability to reattack on the Fluid Attacks platform

  2. In the Locations section, click on Select locations to reattack.

    3. Select locations to reattack on the Fluid Attacks platform

  3. Select the vulnerability to be verified by the reattack. Only entries with the Vulnerable status and whose reattack status is neither Requested nor On hold are eligible. Then click on the Reattack button.

    Select vulnerability to reattack on the Fluid Attacks platform

    4. Advice on reattacks
    You may select multiple vulnerabilities and then click Reattack.

  4. In the pop-up window, provide a detailed description (minimum 10 characters) of the fix you implemented to address the vulnerability.

    5. Request reattacks on the Fluid Attacks platform
    Advice on justification
    If the reattack is to be performed by Fluid Attacks' tool, your justification does not need to be detailed. Read more about reattacks by the tool below.

  5. Click Confirm. The Reattack column for that vulnerability then displays the value Requested.

    View reattack status on the Fluid Attacks platform

To request reattacks from the To do section, follow these steps:

  1. Go to the To do section.
    2. Find the To do section on the Fluid Attacks platform

  2. Select the vulnerability by its check box and click on Reattack.
    3. Reattack from To do on the Fluid Attacks platform

  3. Provide a justification (minimum 10 characters) in the pop-up window and click Confirm.
After requesting the reattack you need to wait for the tool or hacking team to inform you of the outcome. If performed by the tool, the reattack may take several minutes. If performed by security analysts, the response time adheres to the conditions specified in the service-level agreement, i.e., a median of 16 office hours.

Moreover, a new comment related to your request appears in the type of vulnerability's Consulting section. If applicable, a further comment appears shortly after, where Fluid Attacks' tool informs you of the reattack outcome. If security analysts are involved, they may add detailed comments along with the reattack outcome information.

View reattack status in Consulting on the Fluid Attacks platform

Reattack outcomes

On the platform, there are two possible reattack outcomes which are informed in the Reattack column of the Locations table.

  1. Verified (vulnerable): The vulnerability is still exploitable. Fluid Attacks' tool or hacking team provide evidence of the exploit, accessible in the Evidence section. You should attempt remediation again and then request another reattack.
  2. Verified (safe): The vulnerability has been successfully remediated.

Reattack outcomes are recorded in the type of vulnerability's Tracking and Consulting sections. 

Reattacks on hold

Reattacks might be temporarily delayed due to situations from your side, which Fluid Attacks calls "events." To learn more about them, read Resolve events impeding tests. Delayed reattacks are shown in the Locations table with the value On hold.

View reattacks on hold on the Fluid Attacks platform

Once the events are resolved, the reattack request is automatically reactivated.

Reattacks for vulnerabilities detected by the automated tool

Bear in mind the following regarding reattacks for vulnerabilities detected by the automated tool:
  1. No detailed justification is needed in your request as the tool does not take it into account.
  2. If you suspect a false positive or determine the finding poses no risk due to other security measures, contact Fluid Attacks or request the zero risk treatment, respectively, instead of a reattack.
  3. The comments in Consulting sections are simple messages mentioning vulnerabilities present and remediated resulting from the reattack.
  4. If you have trouble remedying the vulnerability, consult the vulnerability and fixes documentation for code examples or use the Fluid Attacks features that leverage generative artificial intelligence to have an idea of how to proceed.

Reattack a permanently accepted vulnerability

Role requirement info
Role required: User, Vulnerability Manager or User Manager
Despite having accepted a vulnerability permanently on Fluid Attacks' platform, you can request a reattack if you determine you have remediated it.

The steps to request a reattack for a permanently accepted vulnerability are no different from those described above. After sending the request, the column Reattack shows the value Requested.

Reattack an accepted vulnerability on the Fluid Attacks platform

Error when requesting reattacks

The platform prevents a reattack request if

  1. the latest cloned version (last commit) of the repository associated with the vulnerability you are attempting to reattack is more than 1 day old, or
  2. the vulnerability is still present in that last commit (or even in a previous commit).
In such cases, an error message prompts you to update the repository before requesting the reattack.

Solve reattack error on the Fluid Attacks platform

These are the recommended steps when encountering this error:

  1. Check the current version of the repository (in your remote version control system or remote container where the repository is hosted) and ensure the latest commit is recent and includes the fix.

  2. Update the branch under evaluation (i.e., the one registered in the Scope section) to include the current version of the repository.

  3. Return to the platform and request the reattack again.

  4. If necessary, manually update the repository in Scope and request the reattack once its Status is OK.

Note on reattacks
Notes:
  1. Repeat these steps for each repository associated with multiple vulnerabilities you wish to reattack.
  2. Contact help@fluidattacks.com if you face issues with the above steps or if you believe a repository update is not required.
Free trial message
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.