The rigorous inspection carried out makes it possible to detect security issues with minimal rates of false positives and false negatives, and to check if the issues have been properly repaired before the system goes into production. Through human creativity and precision, combined with the speed of the automatic, Drills finds deep and zero-day vulnerabilities during software development.

Key Benefits

Drills screen 1
  • High Performed

    Performed on code, environments, infrastructure and clouds.

  • Deep Searching

    Maximum rigor in the search of vulnerabilities.

  • Real Results

    Forget about false positives and false negatives.

  • Findings

    Find Zero-Day vulnerabilities.

Drills screen 2
  • Remediation

    Obtain a higher rate of remediation and at a faster speed since feedback from Fluid Attacks' security analysts is constant throughout the development cycle.

  • Evidence

    Obtain detailed evidence of the vulnerabilities found.

  • Accessibility

    Obtain access to the extracted information.

Key Features

Selection of Security Requirements

You are able to decide which security requirements will be tested during each ethical hacking assignment: PCI, HIPAA, OWASP, NIST, GDPR. You will know the exact severity of each hacking project (for inspected and uninspected profiled requirements).

Vulnerabilities Management Platform

Findings are reported in Integrates, Fluid Attacks' platform that allows control of the vulnerability testing and remediation processes. You can use it to access general information about each finding, check its remediation status, classify it according to age, visualize real-time system statistics and progress, as well as other functionalities.


Multiple finding validation cycles are performed. You can check if any findings have been successfully closed as many times as you require. In order to perform a remediation validation, you must define the treatment used and then proceed to request a finding validation.

Health Check

All versions of existing code should be attacked up to the subscription start point, in addition to the monthly test limit. A health check is scheduled at the beginning of the subscription in order to catch up with the development team. Then, the continuous hacking advances simultaneously with the development.

Critical Information Extraction

Whenever findings indicate the need to obtain information, the extraction is done to maximize finding impacts without compromising sensitive information.



Young hacker smiling

Drills is part of our Continuous Hacking service, which will enable you to achieve high vulnerability remediation rates

Service status - Terms of Use - Privacy Policy - Cookie Policy

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.