Service-level agreement
False positives
Definition of false positives A false positive is an erroneous alert indicating that a vulnerability is present. False positives are a serious problem in software development projects, as investigating them may take longer than looking into correct ...
False negatives
Definition of false negatives A false negative is an erroneous report indicating that a vulnerability does not exist or is absent. Specifically, Fluid Attacks considers false negatives as instances when it fails to report a vulnerability that was ...
Response SLA
Description At least 90% of reattack requests, comments, and incidents will receive a first response within a median time of less than 16 office hours. Criteria The following conditions must be met for this service-level agreement (SLA) indicator to ...
Accuracy SLA
Description F2 and F0.5 scores of at least 90% are achieved in reports of a client's software's risk exposure and vulnerabilities, respectively. Since January 2025, this service-level agreement (SLA) indicator seeks to address management's pain ...
Availability SLA
Description The Fluid Attacks platform will be available via the Internet for its registered users 99% of the time. Criteria In addition to the general measurement aspects, the following is taken into account to measure this service-level agreement ...
Service-level agreement summary
The following are the four indicators of the service-level agreement (SLA) with Fluid Attacks for the Continuous Hacking solution. Availability: Registered users can expect Fluid Attacks' platform to be accessible via the Internet at least 99% of the ...