Compliance
At Fluid Attacks, we compile diverse international standards and regulations, focused on the security of systems and information assets, that guide us in evaluating your software.
OWASP
OWASP is a non-profit foundation committed to improving software
security. They establish various cybersecurity risk rankings. With our
vulnerability detection, we can help you meet the corresponding
requirements so that your company’s IT systems are protected from such
risks.
PCI
PCI DSS is a standard created by the Payment Card Industry that
establishes minimum requirements to be fulfilled by companies that
manage cardholder information. We can assist you in detecting
vulnerabilities in your systems related to this standard through our
ethical hacking.
HIPAA
HIPAA is legislation created in the U.S. to regulate and optimize the
flow of Protected Health Information (PHI) within the healthcare
environment. We support you in complying with this legislation by
identifying vulnerabilities in your systems that could allow attackers
to breach data privacy.
NIST
NIST SP 800-53 is a U.S. security and privacy control database that
can guide the protection of federal agencies' and citizens' private
information. We can help you follow this standard’s security best
practices by discovering the weaknesses in your systems associated with
them.
GDPR
GDPR is a European regulation for data protection and privacy that
applies to any organization that stores, processes or transfers European
citizens' personal information. We help you achieve compliance with this
regulation, starting with identifying all relevant vulnerabilities in
your software.
CVE
CVE is a free-to-use list of publicly known cybersecurity
vulnerabilities. Services and products worldwide incorporate it to
ensure certainty among stakeholders when communicating vulnerabilities.
We work and stay updated based on the CVE IDs for our findings and
reports when evaluating your systems.
CWE
CWE is a free-to-use list of common hardware and software weaknesses.
It works as a standard language for security operations and tools that
detect, eliminate and prevent weaknesses or flaws. We work and keep
updated based on CWE for our findings and reports when evaluating your
systems.