Build and deploy secure software with our Continuous Hacking plans
Leverage vulnerability scanning + AI + Expert intelligence
For teams that want to discover risk exposure with speed and accuracy
A combination of technology and human know-how
Get a more accurate knowledge of the security status of your software.
Vulnerabilities of higher severity
Discover vulnerabilities whose exploitation could have a more damaging impact on your organization.
Talk to our hackers to solve your doubts about complex reported vulnerabilities.
Compare all features of both plans
We find and report vulnerabilities continuously as your technology evolves
Here is a detailed overview of our plans' features.
Try for free
Continuous vulnerability scanning, reporting and reattacks
SAST, DAST, SCA and CSPM
Low rates of false positives
Platform, API and VS Code extension
Control of the whole remediation process
SCR, MPT, MAST and RE
Optimization of vulnerability search with AI
Detection of more vulnerability types and higher risk exposure
Low rates of false negatives
Talk to a hacker
Frequently asked questions
Everything you need to know about our Continuous Hacking plans.
About Fluid Attacks
With what industries does Fluid Attacks have experience?
Fluid Attacks has experience with a wide range of industries, including banking, finance, technology, insurance, healthcare and transportation.
Plans' benefits and features
What is required to start a subscription of Continuous Hacking?
To start security testing, you must have a repository for evaluation that is accessible through the Internet and hosted on Git.
What are the main differences between Machine Plan and Squad Plan?
Machine Plan involves vulnerability scanning using SAST, DAST, SCA and CSPM, whereas Squad Plan combines this with security testing done by certified ethical hackers, whose manual techniques yield more severe findings. Further, while Machine Plan offers support options such as Live chat, Squad Plan takes it to the next level with Talk to a hacker.
What does Fluid Attacks' support entail?
Our support goes from answering general questions about using our platform to allowing our customers to schedule meetings with our hackers. Support options vary depending on the Continuous Hacking plan. Live chat, email help, Learn how to use and our documentation are available in both Machine Plan and Squad Plan. Consulting and Talk to a hacker are options only in Squad Plan.
What does your DevSecOps agent do?
DevSecOps integrates security throughout the continuous integration and continuous delivery (CI/CD) processes. Our clients can install our DevSecOps agent in their CI/CD pipelines to check whether any changes to their repositories fail to comply with the organizations’ vulnerability acceptance policies. If so, the agent prevents deployment.
What does low rates of false positives and false negatives mean?
False positives are erroneous reports about the existence or presence of vulnerabilities. False negatives are erroneous reports about the in-existence or absence of vulnerabilities. Therefore, low rates of both means that reports are accurate, containing very few errors. Further, this allows you to wisely allocate resources to remediation.
Do I get billed per author?
Both Machine Plan and Squad Plan allow access for an unlimited number of members to our platform. However, only in Squad Plan do we bill you per active author (i.e., each member who makes changes during the month to the repository under our evaluation).
Can I manage multiple applications or systems with one single account?
Yes. And you can easily navigate them on our platform.
Can I acquire a combination of plans?
You cannot. Squad Plan is an upgraded version of Machine Plan. Everything from the latter is included in the former. This does not mean that you cannot be subscribed to both plans at the same time: You can choose one plan for each of your applications.
Would manual testing delay the deployment to production?
It would not. We clone your repositories and do the manual testing on those cloned versions. This does not halt developers from deploying.
Machine Plan free trial
What's included in the free trial?
The free trial includes: (a) continuous vulnerability scanning with SAST, DAST, SCA and CSPM; (b) deployment of our DevSecOps agent in your CI/CD, and (c) access to our platform to learn about the security testing results, assign remediation to members of your development team, track risk exposure, get expert support, and more. Get started now.
What happens when the free trial ends?
When your free trial is over, you can become a client to enjoy the paid Machine Plan or Squad Plan. If you choose not to pay for a subscription, we will make sure that your organization on the platform and all the sensitive information you trusted us with (e.g., credentials) is safely removed.
Which programming languages are supported by the free trial?
Can I skip the Machine Plan trial and start with the Squad Plan?
You can contact us to start your paid Squad Plan subscription whenever you want, even if you are still in the Machine Plan free trial.
How does Fluid Attacks protect my information?
We commit to upholding the highest security standards to protect your information and ours. These include encrypting data, hiring our employees directly, providing safe authentication options, complying with access control best practices, and securing the delivery of sensitive data, among others. We invite you to read all of our security measures.