Use the scanner
Exclude findings from scan reports
Fluid Attacks offers the NOFLUID feature to allow you to exclude from reports some specific, potentially insecure lines within your application's source code or infrastructure-as-code (IaC) configurations. This way you can avoid findings that might ...
Understand the scanner output
Fluid Attacks' standalone scanner provides varying levels of detail in its output, depending on the chosen format. This page provides a detailed explanation of each field present in the standalone scanner output. The CLI snippets and CSV files are ...
Run scans locally or in your CI/CD
The Fluid Attacks scanner can be seamlessly integrated into your development workflow, allowing you to perform security scans both locally and within your continuous integration and continuous delivery (CI/CD) pipeline. Run the Fluid Attacks scanner ...
Use standalone scanner
Fluid Attacks' scanner is an AppSec testing tool that scans your source code, infrastructure, and applications, then reports any security vulnerabilities it finds. You can use the scanner in two ways: The scanner is available for use as follows: Paid ...