fix.security
37.19.207.34  Public Scan

Submitted URL: https://www.fixcloud.io/
Effective URL: https://fix.security/
Submission: On March 27 via api from US — Scanned from US

Form analysis 0 forms found in the DOM

Text Content

Fix

For cloud security engineers


THE ASSET INVENTORY FOR YOUR AWS SECURITY POSTURE.

Fix combines user, resource, and configuration data into a centralized dashboard
with full-text search.

 * Understand your cloud resources and configurations.
 * Get notified of policy violations in Slack, Discord, or Teams.
 * Address risks with remediation suggestions.

[Diagram: Snapshot inventory (configuration, identities, resources); Audit security (custom policies, compliance rules, asset inventory); Build workflows (API & webhooks, ticketing & alerting, data export)]


SECURITY ENGINEERS AT STARTUPS AND FORTUNE 500 COMPANIES USE FIX:

Mars
Kellogg’s
Electronic Arts
Despegar
Payplug
Bloomreach

Kavak

> “The major ‘click’ for me was when I saw how Fix allows you to just search for
> all relationships for all resources. And that was magical, to be honest.”

Fernando Carletti
Senior Software Engineer at Kavak
Lineaje

> “What I like about Fix is that I can actually see the test. What is the config
> setting that you’re auditing, what are the results you’re looking for, and how
> do you determine pass or fail? When the rubber meets the road, what I want to
> know is: what’s the call you’re making on the API?”

Nick Mistry
CISO at Lineaje
CloudZone

> “I’ve never found use in tools that just give me an asset list. With Fix, I
> get filters and scenarios, like public instances with admin rights or IAM
> users without MFA. And then, in one click, I get the recommendation.”

Rotem Levi
Security Engineer at CloudZone


WHY FIX?

Detect, prioritize, and remediate critical cloud risks.

Fix connects to cloud APIs to take full snapshots of your cloud infrastructure
and technology stack. You get a baseline inventory with a complete view of
accounts, instances, functions, Kubernetes pods, databases, storage buckets, and
all other resources and their configurations in a single place.

The Fix Security Graph also shows relationships between resources, providing the
context to understand critical risks and attack paths—so you can prioritize and
fix the misconfigurations and vulnerabilities that matter.


CSPM

Monitor CIS benchmarks, run compliance scans, and enforce policies. Build
security intelligence on top of your inventory to stay in control and escalate
critical risks.


Inventory

Get a complete picture of your cloud and see what is running with visual maps.
Fix discovers assets and collects rich configuration data for resources, no
matter where, when, or how they were provisioned.


Remediation

Fix integrates with your workflow, ticketing, and messaging tools. Set up alerts
and automations for policy violations to make it easy for your engineers to keep
infrastructure updated and tidy.


PRICING

Foundational AWS security for your whole company. Free for engineers to try.

Fix pricing scales on a per-cloud-account basis, with an add-on to buy more
seats for your team. We offer a free tier and two-week trials.


FREE

For solo software engineers who want to secure a single cloud account.

$0

(maximum of 1 cloud account)

Monthly scans

1 seat max

Features:

 * 1-month history
 * Asset inventory
 * Inventory search
 * Neighborhood view
 * Security benchmarks
 * Monthly email report
 * Remediation recommendations
 * Core CSPM scanning capabilities



PLUS

For growing teams looking to stay secure as they build out infrastructure.

$30 per cloud account, per month

(minimum of 3 cloud accounts)

Daily scans

2 seats included (20 max)

Everything in Free, and:

 * 3-month history
 * Email alerts
 * Weekly email report
 * Data export (CSV, JSON, PDF)



BUSINESS (MOST POPULAR)

For engineering teams looking to automate their cloud infrastructure security.

$40 per cloud account, per month

(minimum of 10 cloud accounts)

Hourly scans

5 seats included (50 max)

Everything in Plus, and:

 * 6-month history
 * Custom policies (coming soon!)
 * Alerting integrations (PD, Slack, Discord, Teams)
 * Task management integrations (coming soon!)



ENTERPRISE

For dedicated security teams looking to build an integrated security toolchain.

$50 per cloud account, per month

(minimum of 25 cloud accounts)

Hourly scans

20 seats included

Everything in Business, and:

 * 18-month history
 * API access
 * Custom alerting webhooks
 * Single sign-on (coming soon!)
 * Workspace analytics (coming soon!)
 * Snowflake data export (coming soon!)



ADDITIONAL SEATS

$5 per seat, per month

Add additional seats to any paid plan.


CUSTOM PLANS

Schedule a call with us →

Need more seats, support for custom data sources, or private deployment options?


FREQUENTLY ASKED QUESTIONS

What is Fix?

Fix is a CSPM tool. Fix performs routine compliance checks against snapshots of
your infrastructure, identifies misconfigurations, and provides recommendations
and workflows to correct detected issues.

What is CSPM, and why is it necessary?

Cloud Security Posture Management (CSPM) helps maintain the security,
compliance, and operational efficiency of your cloud infrastructure. Security
and compliance are a shared responsibility between cloud providers and their
customers:

 * Security of the cloud: Cloud providers are responsible for the underlying
   network and infrastructure.
 * Security in the cloud: Customers are responsible for the data they store,
   access policies and regulatory compliance.

Adherence to security and compliance policies determines a company’s security
posture, and it is the customer’s responsibility to perform the necessary
checks. CSPM standardizes and automates these checks.

How does Fix work?

Fix creates snapshots of your infrastructure’s resource inventory at regular
intervals. The data collection process is comparable to an ELT pipeline; in
cloud security, this widely recognized approach is referred to as “agentless
scanning.”

 * Fix Collectors harvest configuration data for each individual resource via
   cloud provider APIs and send this data to Fix Core.
 * Fix Core stores metadata in a graph-based inventory and provides APIs to
   query and update the graph.

The graph contains a complete representation of all resources and their
relationships. By combining security data with these connections, Fix identifies
potential pathways to a security breach. This empowers security engineers to
pinpoint critical risks in their infrastructure.

What is included in a “snapshot” of my cloud?

A cloud snapshot is a complete representation of your cloud infrastructure that
includes all components and configurations—compute instances, storage buckets,
serverless functions, etc. Snapshots not only list resources, but also capture
the relationships and connections between resources.

The significance of snapshots lies in their non-invasive nature when it comes to
conducting security assessments. With snapshots, you avoid direct interactions
with your live production environment, minimizing any potential disruptions.

Which cloud providers are supported?

Fix currently only supports AWS, but we’re working on rolling out support for
Kubernetes, Google Cloud, Azure, and DigitalOcean.

How does Fix connect to my cloud?

Fix requires read-only API access to the cloud accounts you wish to monitor and
secure.

Manually maintaining these permissions is a tedious task, so we provide a
CloudFormation template that automatically creates a role with the required
permissions and a trust that allows a specified AWS account to assume this role.

How does Fix protect my data?

 * Fix does not access the actual data stored on your storage volumes or
   buckets. Fix operates without an agent, only reading the configuration data
   of your cloud resources via cloud provider APIs. This approach allows Fix to
   scan for and identify security vulnerabilities and misconfigurations.
 * Fix also utilizes an isolation concept known as workspaces to organize and
   secure your data. When you create a Fix account, a workspace is created
   specifically for you. You have the option to invite others to join your
   workspace, but by default only the owner of a Fix workspace can view its
   data.
 * Additionally, Fix allocates a dedicated database for every workspace. Data
   pertaining to your workspace is stored in a database exclusively for your
   use, rather than being commingled in a shared database with other Fix
   customer data. This architecture not only segregates customer data (enhancing
   privacy), but also mitigates a range of security vulnerabilities associated
   with shared databases, such as SQL injection attacks.

Can Fix run in my VPC or hybrid environment?

Yes! This is supported in our Enterprise plan. Please contact us via email at
hi@fix.security for details.

What compliance checks are supported?

Fix currently supports the CIS AWS Benchmark (v1.5 & v2.0) and the AWS
Well-Architected Framework Security Pillar out of the box. These provide a
standardized set of controls to evaluate the security posture of AWS
resources.

In addition, you can define custom checks and benchmarks—Fix offers the
flexibility to tailor compliance assessments to your organization’s specific
requirements.

We’re actively working on expanding our support for various frameworks and
benchmarks. If there is a particular framework or benchmark you’d like us to
prioritize on our roadmap, please don’t hesitate to reach out to us via email at
hi@fix.security.

What cloud resources are supported?

Fix currently supports over 150 AWS resources, including the most popular AWS
compute, storage, database, and network products: EC2, S3, RDS, and API Gateway.

Is it possible to export the raw data collected by Fix?

Yes! We designed Fix with support for data export to various destinations,
including S3, Postgres, and Snowflake. For details, get in touch with us via
email at hi@fix.security.

What is the licensing for Fix?

Fix is licensed under the GNU AGPL v3. This open-source license ensures that the
source code of Fix is freely available to the community.

The ability to access and inspect the source code is of particular importance
for security engineers, as it allows for the software to be vetted for potential
vulnerabilities and security flaws.

My question isn’t listed above.

Email us at hi@fix.security! We'll be more than happy to assist you.


© 2024 Some Engineering Inc. All rights reserved.


