Know the differences between continuous hacking and one-shot hacking offered by Fluid Attacks. To this end we present the following table:

Table 1. Comparison between Continuous and One-Shot Hacking services.

Aspects Continuous Hacking One-Shot Hacking

Attack Cycles

Multiple 1.

Only 1 1.

Remediation Support

yes Yes. 2

no No. 2

Average duration

12-36 months 3.

1-4 months 3.

Multiple hackers

yes A minimum of 5 hackers test your system.

info A minimum of 2 hackers test your system.

Face-to-face delivery

info Unlimited within the contract period. All information deliveries are made via

our Attack Surface Manager (ASM) 4.

yes Limited to two within the contract period:

  • 1 meeting via video-teleconferencing 4.
  • 1 final results summary meeting at your location 5.

Detection time

yes Early.

  • Vulnerabilities are detected during development.

info Late.

  • Vulnerabilities are detected when the system is close to production.


yes Continuous alerting system via email to the project stakeholders about the current state of the project 5.

yes Alerting system via email to the project stakeholders when an anomaly is reported.


yes Up-to-date information about your system’s security.

info Information about your system’s security at only one particular point in time.


yes 100% when:

  • We start simultaneously with development.
  • We attack all versions of the existing code up to the subscription starting point to catch up, if necessary, with the development team.
  • Hacking does not stop, even without new developments in the project.

info Agreed upon by both the customer and Fluid Attacks before testing begins 6.


yes Environments:

  • Can constantly change.
  • Are not necessarily frozen.
  • Windows are not required for hacking.

info Frozen environments and test windows are required.


no Environments are not infected with cyberweapons.

yes Work stations and critical servers are infected with cyberweapons.

Remediation percentage

yes Up to 100% of reported vulnerabilities can, potentially, be remediated.

yes Up to 80% of reported vulnerabilities can, potentially, be remediated.



Remote or on premises.

Time to remediate

yes 2 - 3 weeks.

info 3 - 4 months.


Monthly payment.

1 or 2 payments.

Want further information about our services? Do not hesitate to contact us.