Purpose and scope
Please read this page carefully and thoroughly.
Fluid Attacks set forth our expectations
regarding how our employees,
and customers should interact in our mutual business environment.
We are committed to maintaining a high degree of professionalism,
with the expectation that those involved act
in accordance with the law and our company policies.
Understanding our expectations
and how to meet them
is essential at all levels of interaction.
Failure to comply with the principles
set forth below
could result in disciplinary penalties,
or the termination of all business relations with
Fluid Attacks is a Colombian company.
We firmly believe in our principles
and conduct business in accordance with them.
our principles are not negotiable.
Our principles are:
Fluid Attacks, honesty is paramount in all our business interactions. Truthfulness, trustworthiness, reliability and integrity are what we bring to our business relationships and what we expect in return.
Fluid Attacks'results are achieved through the collaborative effort of all our staff. We are a team. Therefore, we maintain, and expect, dignified and respectful treatment for all members.
Fluid Attacks, we fulfill all our commitments with dedication, perseverance and 100% focus on excellence for all our customers.
How we apply our principles
The following are some examples of how our values and principles operate in our business interactions with customers:
We do not keep records of vulnerabilities after projects are closed: No detected vulnerabilities are stored for future personal or organizational use.
We only carry out attacks with authorization from the client and in personal test environments or environments created to be hacked (CTFs, challenge sites, etc.): Attacks are not carried out as a test, outside of work hours or outside of the organization to third parties (partners, other companies, friends, etc.).
The vulnerabilities we find are confidential: Detected vulnerabilities are only revealed to the client and authorized people working directly on the project. Hackers do not reveal any information regarding vulnerabilities, nor their existence, to any unauthorized person inside or outside of
We uninstall any infection that we previously installed for an attack: After finishing a client's project, all the software installed to infect the system is completely removed. If this is not possible, the client is notified in writing regarding the details of this situation.
We report all detected security issues: If we know a security issue exists, we report it in writing to the client.
We assume responsibility: If we at
Fluid Attacksdiscover any errors or missteps on our part during work on a client's project, we inform the client, take full responsibility for any impacts and repercussions, and do whatever is required to fix them.
In our company, the process is every bit as important as the result. This is why we adhere to the principles described above and expect the same of everyone involved in a client's project.
Our business complies with all employer/employee regulations and laws, such as fair labor practices, overtime compensation, equal employment opportunity, etc., as mandated by Colombian law.
We permanently monitor and manage the risks associated with our clients' information.
Problems and complaints
All matters related to violations of our values can be reported at [email protected].