Build and deploy secure software with our Continuous Hacking plans
Leverage vulnerability scanning + AI + Expert intelligence
For teams that want to discover risk exposure with speed and accuracy
A combination of technology and human know-how
Get a more accurate knowledge of the security status of your software.
Vulnerabilities of higher severity
Discover vulnerabilities whose exploitation could have a more damaging impact on your organization.
Unlimited support
Talk to our hackers to solve your doubts about complex reported vulnerabilities.
Compare all features of both plans
We find and report vulnerabilities continuously as your technology evolves
Here is a detailed overview of our plans' features.
Essential plan Try for free | Advanced plan Contact now | |
|---|---|---|
Continuous vulnerability scanning, reporting and reattacks |  | |
SAST, DAST, SCA and CSPM | | |
Low rates of false positives | | |
CLI, platform, API and integrations (VS Code, Jira, GitLab and Azure) | | |
Control of the whole remediation process | | |
DevSecOps agent | | |
SCR, MPT, MAST and RE |  | |
Optimization of vulnerability search with AI | | |
Detection of more vulnerability types and higher risk exposure | | |
Low rates of false negatives | | |
Talk to a hacker | | |
Fluid Attacks vs Others
Accurate | Completeness | All in one | Compliance | Support | Break the build | Remediation | Attack correlation | |
|---|---|---|---|---|---|---|---|---|
Fluid Attacks |  | | | | | | | |
Veracode |  |  |  | |  | | | |
SonarQube | | | | | | | | |
Synopsys | | | | | | | | |
Fortify | | | | | | | | |
Checkmarx | | | | | | | | |
2. Completeness: Low rates of false negatives (escapes).
3. All in one: Comprehensive testing (SAST, DAST, SCA, CSPM, SCR, MPT y RE) through a single solution.
4. Compliance: Validation of a set of international security standards and company-specific requirements.
5. Support: A single support plan (all benefits, no additional costs).
6. Break the build: The build is broken independently from the development team.
7. Remediation: By performing remediation, clients can achieve maximum security within a single service.
8. Attack correlation: Correlation of vulnerabilities to find new ones of greater impact.
Check out more items at https://help.fluidattacks.com/portal/en/kb/find-security-vulnerabilities/compare-fluid-attacks-with-others
Current capability
Little or not capability
Adequated
Basic
Good
Comprehensive
Frequently asked questions
Everything you need to know about our Continuous Hacking plans.
About Fluid Attacks
With what industries does Fluid Attacks have experience?
Fluid Attacks has experience with a wide range of industries, including banking, finance, technology, insurance, healthcare and transportation.
Plans' benefits and features
What is required to start a subscription of Continuous Hacking?
To start security testing, you must have a repository for evaluation that is accessible through the Internet and hosted on Git.
What are the main differences between Essential plan and Advanced plan?
Essential plan involves vulnerability scanning using SAST, DAST, SCA and CSPM, whereas Advanced plan combines this with security testing done by certified ethical hackers, whose manual techniques yield more severe findings. Further, while Essential plan offers support options such as Live chat, Advanced plan takes it to the next level with Talk to a hacker.
What does Fluid Attacks' support entail?
Our support goes from answering general questions about using our platform to allowing our customers to schedule meetings with our hackers. Support options vary depending on the Continuous Hacking plan. Live chat, email help, Learn how to use and our documentation are available in both Essential plan and Advanced plan. Consulting and Talk to a hacker are options only in Advanced plan.
What does your DevSecOps agent do?
DevSecOps integrates security throughout the continuous integration and continuous delivery (CI/CD) processes. Our clients can install our DevSecOps agent in their CI/CD pipelines to check whether any changes to their repositories fail to comply with the organizations’ vulnerability acceptance policies. If so, the agent prevents deployment.
What does low rates of false positives and false negatives mean?
False positives are erroneous reports about the existence or presence of vulnerabilities. False negatives are erroneous reports about the in-existence or absence of vulnerabilities. Therefore, low rates of both means that reports are accurate, containing very few errors. Further, this allows you to wisely allocate resources to remediation.
Do I get billed per author?
Both Essential plan and Advanced plan allow access for an unlimited number of members to our platform. However, only in Advanced plan do we bill you per active author (i.e., each member who makes changes during the month to the repository under our evaluation).
Can I manage multiple applications or systems with one single account?
Yes. And you can easily navigate them on our platform.
Can I acquire a combination of plans?
You cannot. Advanced plan is an upgraded version of Essential plan. Everything from the latter is included in the former. This does not mean that you cannot be subscribed to both plans at the same time: You can choose one plan for each of your applications.
Would manual testing delay the deployment to production?
It would not. We clone your repositories and do the manual testing on those cloned versions. This does not halt developers from deploying.
Essential plan free trial
What's included in the free trial?
The free trial includes: (a) continuous vulnerability scanning with SAST, DAST, SCA and CSPM; (b) deployment of our DevSecOps agent in your CI/CD, and (c) access to our platform to learn about the security testing results, assign remediation to members of your development team, track risk exposure, get expert support, and more. Get started now.
What happens when the free trial ends?
When your free trial is over, you can become a client to enjoy the paid Essential plan or Advanced plan. If you choose not to pay for a subscription, we will make sure that your organization on the platform and all the sensitive information you trusted us with (e.g., credentials) is safely removed.
Which programming languages are supported by the free trial?
The free trial offers all the benefits of Essential plan, which supports the following programming languages: .NET, Bash, C-Sharp, Go, HTML, Java, JavaScript, Kotlin, Python, Ruby and Typescript. Start your free trial now.
Can I skip the Essential plan trial and start with the Advanced plan?
You can contact us to start your paid Advanced plan subscription whenever you want, even if you are still in the Essential plan free trial.
Information security
How does Fluid Attacks protect my information?
We commit to upholding the highest security standards to protect your information and ours. These include encrypting data, hiring our employees directly, providing safe authentication options, complying with access control best practices, and securing the delivery of sensitive data, among others. We invite you to read all of our security measures.
