Posts by Jason Chavarría

Jason is content writer and editor at Fluid Attacks. He has a background in psychological research and has been writing about cybersecurity since September 2021.

Photo by Maxim Hopman on Unsplash

Jason Chavarría


Why measure cybersecurity risk with our CVSSF metric?

We present some of the flaws of the traditional measure of cybersecurity risk and introduce CVSSF, the risk-exposure-based metric with which we overcome them.

Photo by James Lee on Unsplash

Jason Chavarría


A lesson of this global IT crash is to shift left

A defect in a CrowdStrike sensor update made 8.5M devices crash. We think this event shows the importance of testing security from early stages of development.

Photo by Wilhelm Gunkel on Unsplash

Jason Chavarría


Transparency for fewer supply chain attacks

It should be easy to learn how committed the most used OSS libraries are to security. And that transparency we ask for we should practice ourselves.

Photo by Sarah Kilian on Unsplash

Jason Chavarría


Develop bank applications that resist DDoS attacks

Banks are getting most of the DDoS attacks among financial services firms, which are being targeted more than before. Learn to secure your app from this threat.

Photo by Jasmin Egger on Unsplash

Jason Chavarría


If the essential security layer is flawed, you're toast

You must not stop remediating vulnerabilities in your mobile apps just because you fully trust technologies such as RASP or anti-reverse engineering solutions.

Photo by James Orr on Unsplash

Jason Chavarría


Our pick of the hardest challenges for ethical hackers

We share what to us are the 10 most challenging ethical hacking certifications, so that you can choose your next one and even trace a path to help your career.

Photo by Eduardo Balderas on Unsplash

Jason Chavarría


Understanding 51 new PCI DSS requirements made easy

PCI DSS v4.0 brings 51 new requirements that are best practices until March 2025. We share a classification that may help take it all in.

Photo by Jeremy Perkins on Unsplash

Jason Chavarría


Comply with the new requirements due for March 2024

Companies that store, handle or transfer account data must comply with PCI DSS v4.0 from March 31. We summarize its 13 new requirements to be met on that date.

Photo by Wynand Uys on Unsplash

Jason Chavarría


Six main items in an AI policy for software development

Your company should have a policy about generative AI usage for software development. Read our suggestions on the most important items to include.

Start your 21-day free trial

Discover the benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial
Fluid Logo Footer

Hacking software for over 20 years

Fluid Attacks tests applications and other systems, covering all software development stages. Our team assists clients in quickly identifying and managing vulnerabilities to reduce the risk of incidents and deploy secure technology.

Copyright © 0 Fluid Attacks. We hack your software. All rights reserved.