Fluid Attacks logo
Login
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us
GET A DEMO
Computer showing a graph

Digression to Regression

Simple linear regression in scikit

After our risk quantification series, it should come as no surprise that we like numbers and measuring. However, when confronted with the question, "Why do you need to translate code into...



Photo by NESA by Makers on Unsplash

Sastisfying App Security

An introduction to SAST

SAST is a type of white box test in which a set of technologies is used to analyze the source code, byte code or the application binaries in order to reveal known security vulnerabilities that can...



Data Has A Better Idea. Photo by Stefan Steinbauer on Unsplash: https://unsplash.com/photos/1K6IQsQbizI

Vulnerabilities in Deep Learning

Deep Learning for vulnerability disclosure

Currently, data scientists have begun using AI (Artificial Intelligence) algorithms to solve problems from the data perspective. Data scientists have been working on problems related to areas like...



Foosball red vs blue. Photo by Stefan Steinbauer on Unsplash: https://unsplash.com/photos/va-B5dBbpr4

Red Team exercise

What is a Red Team exercise?

Red Team refers to a team of professional hackers that attempts to access a system through simulating a cyberattack. During a Red Team exercise each team member plays a specific role while the...



Digital heart beat monitor on Unsplash https://unsplash.com/photos/0lrJo37r6Nk

HealthTech Protection

How healthcare breakthroughs could help cybersecurity

Many startups are achieving success by redefining how the economy works. Xtechs (financial, health, insurance, among others) are reducing operational costs and delivering more value to customers,...



Person using a Syringe filled with bad stuff

Tainted love

It's all about sanitization

In several past articles, we have briefly touched on the concept of taint analysis. In this article, we will fill in the knowledge gaps regarding taint analysis which may have resulted from our...



CPU Usage. Photo by Alberto Duo on Unsplash: https://unsplash.com/photos/e4rcg33x4fA

Cryptojacking, a real malware?

Understanding cryptojacking "malware"

Before we begin, we need a brief definition of blockchain. It is simply a unique, consensual, and distributed registry on the network that allows storage of information that cannot be modified,...



Bookshelf with some books

Learning how to code

A chat with Ricardo Yepes. Part 2.

We continue our conversation with Ricardo. We threw him a question that was the source of interesting debates at Fluid Attacks some time ago. Should a company invest in security awareness...



Bookshelf with some books

We need more training in basic stuff

A chat with Ricardo Yepes. Part 1.

Ricardo is a DevOps engineer in Australia. Previously, he worked for Fluid Attacks as a security analyst and instructor. He also spent a couple of years developing and maintaining an educational...



Photo by KP Bodenstein on Unsplash: https://unsplash.com/photos/ElQI4kGSbiw

Fool the Machine

Trick neural network classifiers

Artificial Neural Networks (ANNs) are certainly a wondrous achievement. They solve classification and other learning tasks with great accuracy. However, they are not flawless and might misclassify...



Toasting Marshmallow. Photo by hcmorr on Unsplash: https://unsplash.com/photos/qlHRuDvaxL8

Roasting Kerberos

Attacking a DC using kerberoast

Kerberos is a protocol developed by MIT used to authenticate network services. It is built using secret-key cryptography and uses a trusted third-party server called Authentication Server. This...



Git. Photo by Yancy Min on Unsplash: https://unsplash.com/photos/842ofHC6MaI/

Big Code

Learning from open source

In our Machine Learning (ML) for secure code series the mantra has always been the same: to figure out how to leverage the power of ML to detect security vulnerabilities in source code, regardless...




Service status - Terms of Use