Posts by Jason Chavarría

Jason is cybersecurity editor at Fluid Attacks. He has a background in psychological research and has been writing about cybersecurity since September 2021.

Photo by JC Gellidon on Unsplash

Jason Chavarría


Definition, implementation, importance and alternatives

Learn about vulnerability remediation, its place and importance in vulnerability management, and differentiate it from vulnerability mitigation and acceptance.

Photo by Tamas Kolossa on Unsplash

Jason Chavarría


Vulnerability scanning and pentesting for a safer web

Learn how website and web app security scanning work, their role in vulnerability management, and why mix them with pentesting in vulnerability assessment.

Photo by John Schnobrich on Unsplash

Jason Chavarría


Is your security testing covering the right risks?

You need to prioritize the security testing techniques that cover the actual threats you're facing. We explain how Lumu's MITRE ATT&CK® Global Matrix can help.

Photo by Anchor Lee on Unsplash

Jason Chavarría


Benefits of continuous over point-in-time pentesting

Continuous penetration testing beats periodic point-in-time pen tests. We present its benefits and how we overcome challenges to its implementation.

Photo by Nik Shuliahin on Unsplash

Jason Chavarría


For which security standards is pentesting a must-have?

We present whether penetration testing is required for compliance with these security standards: GDPR, GLBA, HIPAA, ISO 27001, PCI DSS, SOC 2 and SWIFT CSCF.

Photo by Thomas Griggs on Unsplash

Jason Chavarría


Pentesting is a system-agnostic approach to security

The types of penetration testing include external and internal network, wireless, IoT, mobile application and social engineering pentesting. Learn more here.

Photo by Dmitry Ratushny on Unsplash

Jason Chavarría


Differences between these security testing approaches

There is confusion around the differences between breach and attack simulation, penetration testing and red teaming. Read this blog post for a clear comparison.

Photo by Kostiantyn Li on Unsplash

Jason Chavarría


Our CLI is an approved AST tool to secure cloud apps

Fluid Attacks' automated tool is recommended by the App Defense Alliance for static scanning under the Cloud Application Security Assessment (CASA) framework.

Photo by Jeff Lemond on Unsplash

Jason Chavarría


How BAS solutions work, their importance and benefits

Learn about what breach and attack simulation is, how it works, its role in security testing, and its benefits for defending against advanced threats.

Start your 21-day free trial

Discover the benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial
Fluid Logo Footer

Hacking software for over 20 years

Fluid Attacks tests applications and other systems, covering all software development stages. Our team assists clients in quickly identifying and managing vulnerabilities to reduce the risk of incidents and deploy secure technology.

Copyright © 0 Fluid Attacks. We hack your software. All rights reserved.