# Overview

Flusk offers a comprehensive suite of tools to audit and monitor your app. In this article, we’ll go over the available features, and link to more in-depth content for each section.

## Security

### Testing

Flusk equips you with two different tools for performing tests on demand.

#### Issues explorer

The Issues explorer runs a test across a range of different categories and ranks them by criticality. Each of the categories are explained in-depth in the sub-articles in this series.

* Data Leak
* Page access protection
* Clear data in login workflow
* Temporary password vulnerability
* Public editor
* Unapproved collaborator
* Swagger file
* Password policy
* API Workflow protection
* Privacy rules definition
* Public sensitive fields
* Bubble API Token
* Visible URL in API call
* Public sensitive parameter in API call
* Test version protection
* Default username / password combination
* Unsafe Google Maps API token
* Public picture uploader
* Public file uploader
* Frame restriction

Article: [The issues explorer](https://manual.bubble.io/~/changes/lkknp2T2KBasv7RmhMhx/help-guides/security/flusk/flusk-security-tools/the-issues-explorer)

#### Privacy rules checker

The Privacy Rules Checker analyzes your data types and privacy rules, identifying any data types or fields that may be publicly accessible.

Article section: [Privacy rules checker](https://manual.bubble.io/~/changes/lkknp2T2KBasv7RmhMhx/help-guides/security/flusk-security-tools/the-issues-explorer#privacy-rules-checker)

## Tools

### Automated tests

Automated tests enable you to run security tests automatically, with two different trigger options:

* Automatic test on deploy: this will automatically perform a test whenever your app is deployed to live.
* Scheduled tests: this option lets you set up automated tests on a set schedule (such as daily/weekly/monthly). You can create up to five test schedules.

Article section: [Automated tests](https://manual.bubble.io/~/changes/lkknp2T2KBasv7RmhMhx/help-guides/security/flusk-security-tools/the-issues-explorer#scheduled-tests)

### Advanced

The advanced section contains records, tools and settings for experienced users and larger apps:

* **Test history:** The test history shows a list of completed tests, along with key information about each one.
* **Versions:** This setting allows you to configure which versions will be included in security tests.
* **Page rating**: The page rating setting allows you to tell Flusk which pages should be classified as Safe (publicly accessible to non-logged in users) or Sensitive (restricted to logged-in users/containing sensitive information). This helps Flusk provide more accurate and relevant security test results based on the nature of each page.\
  \
  Article: [Pages rating](https://manual.bubble.io/~/changes/lkknp2T2KBasv7RmhMhx/help-guides/security/flusk/flusk-security-tools/tools-and-settings/pages-rating)<br>
* **Database field rating**: Similarly, the database field rating allows you to specify which fields in your data types are classified as Safe (accessible to non-logged-in users or through API calls) and Sensitive (restricted to logged-in users or containing private information). This helps Flusk ensure that your data fields are secured appropriately, providing more accurate insights into potential vulnerabilities.\
  \
  Article: [Database rating](https://manual.bubble.io/~/changes/lkknp2T2KBasv7RmhMhx/help-guides/security/flusk/flusk-security-tools/tools-and-settings/database-rating)