Fluid Attacks logo
Login
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us
GET A DEMO
Lock on a fence

Secure Cloud as Code

The weakest link in security is not the technology.

Amazon Web Services (AWS) is one of the biggest cloud services used by thousands of companies around the world, and with a centralized and strong security, it is one of the best on the market....



Broken blue ceramic plate on Unsplash: https://unsplash.com/photos/Odc4dcsjUBw

The F*CK strategy

The pratfall effect application on business

Do you like fried chicken? A year ago or so, KFC -the chicken fast-food chain- was featured in almost every news outlet in the UK: they ran out of chicken for an entire weekend. A horror story for...



Yellow police line tape on Unsplash: https://unsplash.com/photos/jM6Y2nhsAtk

Do not read this post

What if this post were a malicious link?

Why the f*ck did you click to this post? Seriously, why? Chances are, you were attracted to the title, paradoxically, suggesting not to do something. But, here you are. We are glad you did not...



Finance simulation. Photo by M. B. M. on Unsplash: https://unsplash.com/photos/ZzOa5G8hSPI

Quantitative Python

Risk management with Python

Now that we have an understanding of risk concepts such as the loss exceedance curve, value-at-risk, Bayes Rule, and fitting distributions, we would like to have a realiable, extensible and...



Fire extinguisher. Photo by Tommaso Pecchioli on Unsplash: https://unsplash.com/photos/XG_wi3W4-m8

Para bellum

Prepare for the worst risk

"Si vis pacem, para bellum", goes the old adage. If you want peace, prepare for war. In our case, the worst possible risky scenario our information assets could go into. While probability...



Baseball hit. Photo by Chris Chow on Unsplash: https://unsplash.com/photos/BhwRQr08PcM

Hit or miss

Estimating attack probability

One of the main obstacles against adopting a quantitative approach to risk management is that since major security breaches are relatively rare and hence, there cannot be enough data for proper...



New information. Photo by M. Parzuchowski on Unsplash: https://unsplash.com/photos/GikVY_KS9vQ

Updating your beliefs

How Bayes Rule affects risk

Usually, changing our beliefs is seen as a negative thing. But when those beliefs represent our state of uncertainty regarding a particular cybersecurity risk, you’d better use all the tools at...



Computer with do what is great sign.

Git on steroids

From messy logs to Data Analytics

There is a universal law that anyone in the tech world should know: If you ask a programmer to do something, he/she will do it their way. Even though creativity, abstract thinking, and putting...



Numbers notes on Unsplash: https://unsplash.com/photos/aG-pvyMsbis

Monetizing vulnerabilities

From probabilites to dollars and cents

In our previous article, we merely scratched the surface of the problem that quantifying risks poses, barely touching on concepts such as calibrated estimation, confidence intervals and specifying...



Risky poker move. Credits: https://unsplash.com/photos/vBpd607jLXs

Quantifying risk

From color scales to probabilities and ranges

One of the least understood parts of a vulnerability is the risk it poses to the target. On the client side, it tends to get confused with impact and occurrence likelihood, due to devices like the...



Binary machine learning. Credits: https://unsplash.com/photos/h3sAF1cVURw

Binary learning

Learning to exploit binaries

While our main focus, as stated previously, is to apply machine learning (ML) techniques to the discovery of vulnerabilities in source code, that is, a white-box approach to ML-guided hacking,...



Depiction of a deep neural network. Credits: https://unsplash.com/photos/R84Oy89aNKs

Deep Hacking

Deep learning for vulnerability discovery

If we have learned anything so far in our quest to understand how machine learning (ML) can be used to detect vulnerabilities in source code, it’s that what matters the most in this process are...




Service status - Terms of Use