At Fluid Attacks, we compile diverse international standards and regulations, focused on the security of systems and information assets, that guide us in evaluating your software.
OWASP is a non-profit foundation committed to improving software security.
They establish various cybersecurity risk rankings.
With our vulnerability detection, we can help you meet
the corresponding requirements so that your company’s IT systems
are protected from such risks.
PCI DSS is a standard created by the Payment Card Industry
that establishes minimum requirements to be fulfilled by companies
that manage cardholder information.
We can assist you in detecting vulnerabilities in your systems
related to this standard through our ethical hacking.
HIPAA is a legislation created in the U.S.
to regulate and optimize the flow of Protected Health Information (PHI)
within the healthcare environment.
We support you in complying with this legislation
by identifying vulnerabilities in your systems
that could allow attackers to breach data privacy.
The NIST SP 800-53 is a U.S. security and privacy control database
that can guide the protection of federal agencies'
and citizens' private information.
We can help you follow this standard’s security best practices
by discovering the weaknesses in your systems associated with them.
GDPR is a European regulation for data protection and privacy that applies
to any organization that stores, processes or transfers European citizens'
personal information. We help you achieve compliance with this regulation,
starting with identifying all relevant vulnerabilities in your software.
CVE is a free-to-use list of publicly known cybersecurity vulnerabilities.
Services and products worldwide incorporate it to ensure certainty among
stakeholders when communicating vulnerabilities.
We work and stay updated based on the CVE IDs for our findings and
reports when evaluating your systems.
CWE is a free-to-use list of popular hardware and software weaknesses.
It works as a standard language for security operations and tools that detect,
eliminate and prevent weaknesses or flaws. We work and keep updated
based on CWE for our findings and reports when evaluating your systems.