fix.security
2400:52e0:1e00::1082:1  Public Scan

Submitted URL: https://fix-security.com/
Effective URL: https://fix.security/
Submission: On June 24 via api from BE — Scanned from DE

Form analysis 1 forms found in the DOM

<form class="mx-auto flex max-w-md gap-x-4"><label for="email" class="sr-only">Email address</label><input id="email" type="email" autocomplete="email" placeholder="Email address" required=""
    class="min-w-0 flex-auto rounded-lg border-0 bg-white px-3.5 py-2 text-base text-gray-900 ring-1 ring-inset placeholder:text-gray-400 focus:ring-2 focus:ring-inset ring-gray-400 focus:ring-cornflower-blue-600" name="email"><button type="submit"
    disabled=""
    class="inline-flex items-center whitespace-nowrap font-bold focus:outline-none focus-visible:ring focus-visible:ring-cornflower-blue-500 border disabled:opacity-50 transition-colors duration-75 rounded-md px-4 py-2 text-base border-cornflower-blue-600 bg-cornflower-blue-600 text-white hover:border-cornflower-blue-700 hover:bg-cornflower-blue-700 hover:text-white active:border-cornflower-blue-800 active:bg-cornflower-blue-800 disabled:border-cornflower-blue-600 disabled:bg-cornflower-blue-600 disabled:cursor-not-allowed">Subscribe</button>
</form>

Text Content

Fix Security

For developers and security engineers


CONTINUOUS CLOUD SECURITY

Your cloud is dynamic and changes by the hour. Built on open source, Fix
Security regularly scans and checks your cloud so you stay secure and compliant.

 * Agentless scanning
 * Developer-friendly API and CLI
 * Preconfigured benchmarks and queries

[Diagram labels: Snapshot, Inventory, Audit, Security, Build, Workflows, Resources, Data Export, Asset Inventory, Identities, Configuration, Compliance Rules, Custom Policies, Ticketing & Alerting, API & Webhooks]


SECURITY ENGINEERS AT STARTUPS AND FORTUNE 500 COMPANIES USE FIX SECURITY:

Mars
Kellogg’s
Electronic Arts
Despegar
Payplug
Bloomreach

Kavak

> “The major ‘click’ for me was when I saw how Fix Security allows you to just
> search for all relationships for all resources. And that was magical, to be
> honest.”

Fernando Carletti
Senior Software Engineer at Kavak

Lineaje

> “What I like about Fix Security is that I can actually see the test. What is
> the config setting that you’re auditing, what are the results you’re looking
> for, and how do you determine pass or fail? When the rubber meets the road,
> what I want to know is: what’s the call you’re making on the API?”

Nick Mistry
CISO at Lineaje

CloudZone

> “I’ve never found use in tools that just give me an asset list. With Fix
> Security, I get filters and scenarios, like public instances with admin rights
> or IAM users without MFA. And then, in one click, I get the recommendation.”

Rotem Levi
Security Engineer at CloudZone


WHY FIX SECURITY?

Detect, prioritize, and remediate critical cloud risks.

Fix Security connects to cloud APIs to take full snapshots of your cloud
infrastructure and technology stack. You get a baseline inventory with a
complete view of accounts, instances, functions, Kubernetes pods, databases,
storage buckets, and all other resources and their configurations in a single
place.

The Fix Security graph also shows relationships between resources, providing the
context to understand critical risks and attack paths—so you can prioritize and
fix the misconfigurations and vulnerabilities that matter.


CSPM

Monitor CIS benchmarks, run compliance scans, and enforce policies. Build
security intelligence on top of your inventory to stay in control and escalate
critical risks.


Inventory

Get a complete picture of your cloud and see what is running with visual maps.
Fix Security discovers assets and collects rich configuration data for
resources, no matter where, when, or how they were provisioned.


Remediation

Fix Security integrates with your workflow, ticketing, and messaging tools. Set
up alerts and automations for policy violations to make it easy for your
engineers to keep infrastructure updated and tidy.


PRICING

Foundational AWS security for your whole company. Free for engineers to try.

Fix Security pricing scales on a per-cloud-account basis, with an add-on to buy
more seats for your team. We offer a free tier and two-week trials.


FREE

For solo software engineers who want to secure a single cloud account.

$0

maximum of 1 cloud account

Monthly scans

1 seat maximum

Features:

 * 1-month history
 * Asset inventory
 * Inventory search
 * Neighborhood view
 * Security benchmarks
 * Monthly email report
 * Remediation recommendations
 * Core CSPM scanning capabilities

Support:

 * Community support



PLUS

For growing teams looking to stay secure as they build out infrastructure.

$90 / month

3 cloud accounts included

($30 / month per additional account)

Daily scans

2 seats included (20 max)

Everything in Free, and:

 * 3-month history
 * Email alerts
 * Weekly email report
 * Data export (CSV, JSON, PDF)

Support:

 * Product support via email



BUSINESS (MOST POPULAR)

For engineering teams looking to automate cloud infrastructure security.

$400 / month

10 cloud accounts included

($40 / month per additional account)

Hourly scans

5 seats included (50 max)

Everything in Plus, and:

 * 6-month history
 * Custom policies (coming soon!)
 * Alerting integrations (PD, Slack, Discord, Teams)
 * Task management integrations (coming soon!)

Support:

 * Product support via email and live chat



ENTERPRISE

For dedicated security teams looking to build an integrated security toolchain.

$1250 / month

25 cloud accounts included

($50 / month per additional account)

Hourly scans

20 seats included

Everything in Business, and:

 * 18-month history
 * API access
 * Custom alerting webhooks
 * Single sign-on (coming soon!)
 * Workspace analytics (coming soon!)
 * Snowflake data export (coming soon!)

Support:

 * Product support via email, live chat, and video call
 * Integration advice for your specific cloud environment via video call
 * Optional professional services



ADDITIONAL SEATS

$5 per seat, per month

Add additional seats to any paid plan.


CUSTOM PLANS

Schedule a call with us →

Need more seats, support for custom data sources, or private deployment options?


FREQUENTLY ASKED QUESTIONS

What is Fix Security?

Fix Security is a CSPM tool. Fix Security performs routine compliance checks
against snapshots of your infrastructure, identifies misconfigurations, and
provides recommendations and workflows to correct detected issues.

What is CSPM, and why is it necessary?

Cloud Security Posture Management (CSPM) helps maintain the security,
compliance, and operational efficiency of your cloud infrastructure. Security
and compliance are a shared responsibility between cloud providers and their
customers:

 * Security of the cloud: Cloud providers are responsible for the underlying
   network and infrastructure.
 * Security in the cloud: Customers are responsible for the data they store,
   access policies and regulatory compliance.

Adherence to security and compliance policies determines a company’s security
posture, and it is the customer’s responsibility to perform the necessary
checks. CSPM standardizes and automates these checks.

How does Fix Security work?

Fix Security creates snapshots of your infrastructure’s resource inventory at
regular intervals. The data collection process is comparable to an ELT pipeline,
a widely recognized approach in cloud security referred to as “agentless
scanning.”

 * Fix Collectors harvest configuration data for each individual resource via
   cloud provider APIs and send this data to Fix Core.
 * Fix Core stores metadata in a graph-based inventory and provides APIs to
   query and update the graph.

The graph contains a complete representation of all resources and their
relationships. By combining security data with these connections, Fix Security
identifies potential pathways to a security breach. This empowers security
engineers to pinpoint critical risks in their infrastructure.

What is included in a “snapshot” of my cloud?

A cloud snapshot is a complete representation of your cloud infrastructure that
includes all components and configurations—compute instances, storage buckets,
serverless functions, etc. Snapshots not only list resources, but also capture
the relationships and connections between resources.

The significance of snapshots lies in their non-invasive nature when it comes to
conducting security assessments. With snapshots, you avoid direct interactions
with your live production environment, minimizing any potential disruptions.

Which cloud providers are supported?

Fix Security currently only supports AWS, but we’re working on rolling out
support for Kubernetes, Google Cloud, Azure, and DigitalOcean.

How does Fix Security connect to my cloud?

Fix Security requires read-only API access to the cloud accounts you wish to
monitor and secure.

Manually maintaining these permissions is a tedious task, so we provide a
CloudFormation template that automatically creates a role with the required
permissions and a trust that allows a specified AWS account to assume this role.

How does Fix Security ensure the security and compliance of its systems?

Fix Security is currently undergoing SOC 2 and ISO/IEC 27001 certifications to
demonstrate our commitment to security and compliance best practices.

How does Fix Security protect my data?

 * Fix Security does not access the actual data stored on your storage volumes
   or buckets. Fix Security operates without an agent, only reading the
   configuration data of your cloud resources via cloud provider APIs. This
   approach allows Fix Security to scan for and identify security
   vulnerabilities and misconfigurations.
 * Fix Security also utilizes an isolation concept known as workspaces to
   organize and secure your data. When you create a Fix Security account, a
   workspace is created specifically for you. You have the option to invite
   others to join your workspace, but by default only the owner of a Fix
   Security workspace can view its data.
 * Additionally, Fix Security allocates a dedicated database for every
   workspace. Data pertaining to your workspace is stored in a database
   exclusively for your use, rather than being commingled in a shared database
   with other Fix Security customer data. This architecture not only segregates
   customer data (enhancing privacy), but also mitigates a range of security
   vulnerabilities associated with shared databases, such as SQL injection
   attacks.

Can Fix Security run in my VPC or hybrid environment?

Yes! This is supported in our Enterprise plan. Please contact us via email at
hi@fix.security for details.

What compliance checks are supported?

Fix Security currently supports the CIS AWS Benchmark (v1.5 & v2.0) and AWS
Well-Architected Framework Security Pillar out-of-the-box. This benchmark
provides a standardized set of controls to evaluate the security posture of AWS
resources.

In addition, you can define custom checks and benchmarks—Fix Security offers the
flexibility to tailor compliance assessments to your organization’s specific
requirements.

We’re actively working on expanding our support for various frameworks and
benchmarks. If there is a particular framework or benchmark you’d like us to
prioritize on our roadmap, please don’t hesitate to reach out to us via email at
hi@fix.security.

What cloud resources are supported?

Fix Security currently supports over 150 AWS resources, including the most
popular AWS compute, storage, database, and network products: EC2, S3, RDS, and
API Gateway.

Is it possible to export the raw data collected by Fix Security?

Yes! We designed Fix Security with support for data export to various
destinations, including S3, Postgres, and Snowflake. For details, get in touch
with us via email at hi@fix.security.

What is the licensing for Fix Security?

Fix Security is licensed under the GNU AGPL v3. This open-source license ensures
that the source code of Fix Security is freely available to the community.

The ability to access and inspect the source code is of particular importance
for security engineers, as it allows for the software to be vetted for potential
vulnerabilities and security flaws.

My question isn’t listed above.

Email us at hi@fix.security! We'll be more than happy to assist you.



© 2024 Some Engineering Inc. All rights reserved.
