Support information
Supported KB sections
Supported Currently, these are the Knowledge Base sections supported by Fluid Attacks: Company compliance Comparison with other tools or services Compliance and requirements covered by the customer Changelog Definition of SLAs FAQs Integrations ...
Supported languages for vulnerability fixes
Supported Fluid Attacks is committed to helping organizations identify and remediate vulnerabilities in their software. The following table outlines the programming languages supported by Fluid Attacks' automated vulnerability remediation ...
Supported browsers
Supported Note: The following is not an exhaustive list, as Fluid Attacks supports any browser in its version(s) compatible with at least the ECMAScript® 2023 standard. Below is a summary of the most popular browsers supported on the Fluid Attacks ...
Supported CI/CD
Supported Note: The following is not an exhaustive list, as Fluid Attacks supports every CI/CD system compatible with Docker. Below is a summary of the most popular CI/CD systems in which Fluid Attacks can be integrated. Currently, these are some ...
Supported IDE functionalities
Supported Currently, these are the IDEs supported by Fluid Attacks and their respective functionalities: IntelliJ IDEA: See vulnerable file and code line VS Code: See vulnerable file and code line Detailed information on vulnerabilities and ...
Supported evidence formats
Supported Currently, these are the evidence formats supported by Fluid Attacks: Code pieces Graphs and metrics of the system's security status PDF executive reports Screenshots with explanatory annotations (only in the Advanced plan) Software bill of ...
Supported remediation
Supported Currently, these are the options supported by Fluid Attacks to help you with vulnerability remediation: Documentation on fixes on the platform and VS Code extension Knowledge base Step-by-step correction guidance with AI Autofix Expert ...
Supported AI functions
Supported Currently, these are the AI functions supported by Fluid Attacks: AI-powered triage Automatic fixes Custom fixes from the IDE and ASPM platform Unsupported Fluid Attacks' AI functions support does not currently include the following: ...
Supported clouds
Supported Currently, these are the cloud platforms supported by Fluid Attacks: Amazon Web Services (AWS) Google Cloud Platform (GCP) Microsoft Azure Unsupported Fluid Attacks' cloud support does not currently include the following: Alibaba Cloud ...
Supported ticketing systems
Supported Currently, these are the ticketing systems for which Fluid Attacks offers integrations: Azure DevOps work items GitLab issues Jira Cloud Unsupported Fluid Attacks' ticketing system support does not include the following: Asana Bugzilla ...
Supported SCM systems
Supported Currently, these are the source code management systems supported by Fluid Attacks: Azure DevOps Bitbucket GitHub GitLab Learn to import your repo to start security testing. Unsupported Fluid Attacks' SCM system support does not currently ...
Supported standards
Supported Fluid Attacks conducts security testing to verify your application's adherence to requirements currently mapped to these standards: Agile Alliance BSIMM BIZEC APP BSA Framework for Secure Software CAPEC™ CASA C2M2 CCPA CERT® C SEI CERT® ...
Supported secrets
Supported Currently, these are the secrets Fluid Attacks can detect: API keys AWS credentials Database connection passwords Express-session secrets Hardcoded emails (in security-related contexts) Hardcoded environment variables (e.g., api_key, ...
Supported binaries
Supported Currently, these are the file extensions of binaries supported by Fluid Attacks: .apk .aab (only in the Advanced plan) .ipa (only in the Advanced plan) Unsupported Fluid Attacks' binaries support does not currently include those with the ...
Supported containers
Supported Currently, Fluid Attacks supports containers based on the following Linux distributions: Alpine Arch Debian Red Hat Unsupported Fluid Attacks' containers support does not currently include those based on the following Linux distributions: ...
Supported CVEs for reachability analysis
Supported Currently, Fluid Attacks detects when software effectively calls known vulnerable functions reported in the CVE entries shown in the following table, where they are classified by the programming language in which the functions are written: ...
Supported package managers
Supported Currently, these are the package managers supported by Fluid Attacks: Apache Ivy Bin Bundler CocoaPods Composer Conda Go Package Manager Gradle Libman Maven npm NuGet pdm pip Pipenv pnpm Poetry Pub RubyGems sbt Swift Package Manager upm uv ...
Supported attack surfaces
Supported Please note that the following API types are currently available exclusively in our Advanced plan: GraphQL API, gRPC API, and REST API. Currently, these are the attack surfaces supported by Fluid Attacks' DAST and PTaaS: DNS records GraphQL ...
Supported frameworks
Supported Currently, these are the frameworks supported by Fluid Attacks: Angular (TypeScript) AngularJS (JavaScript) ASP.NET ASP.NET Core Django Express FastAPI Flask Flutter Gin Koa Laravel Microsoft .NET NestJS Next.js Node.js React Native Ruby on ...
Supported languages
Supported programming languages Currently, these are the programming languages supported by Fluid Attacks: C# Dart Go Java JavaScript Kotlin PHP Python Ruby Scala Swift TypeScript Check out also the supported frameworks. Supported configuration ...
Changelog
2025 April Release 16 (SAST) New methods: F115 JS Improper CSRF Middleware Order F115 TS Improper CSRF Middleware Order F002 JS Uncontrolled Error Object Allocation via Ajv allErrors Option F002 TS Uncontrolled Error Object Allocation via Ajv ...
Roadmap
We’re excited to share our priorities and upcoming features, designed to enhance security, simplify workflows, and empower you with greater efficiency and transparency. Expanding automatic detection coverage We are working to expand the coverage of ...
Supported package managers, languages and files in SCA
The following table shows the package managers, languages and file extensions supported by Fluid Attacks' software composition analysis (SCA). Package manager Version(s) Language(s) File name(s) Bundler >2.5 Ruby gems.locked Cargo All Rust ...