Fixinator and Foundeo Security Bundle
What is Fixinator?
Fixinator is a CFML security code scanner that can not only find security issues in your code it can also help you fix them (hence the name). Take a look at the screenshot below to see how it works:
Fixinator is looking for all sorts of CFML specific security vulnerabilities in the code. Working as a ColdFusion security consultant over the past 10 or so years, I have conducted dozens of reviews of real world CFML code and systems. Fixinator attempts to bottle up as much of that experience as possible and bring it to your fingertips.
What is this Continuous Security you speak of?
Continuous security is a method of adding automatic security checks. Security experts find that when you bring security tools closer to the developer less security vulnerabilities exist in the code.
Fixinator fits well into this model, you can easily set it up to scan your code every time you commit to version control. It doesn't matter if you are using GitHub, GitLab, Bitbucket, any other git provider or even a subversion repository it is pretty easy to setup (and Foundeo is happy to help you set it up). Here's a few examples of setting up Fixinator in a continuous integration pipeline using a few different providers:
- Running Fixinator on Azure DevOps Pipelines or Team Foundation Server (TFS) - Azure DevOps or TFS (on premises) can connect to any Git or Subversion repository to scan your code automatically.
- Running Fixinator on Bitbucket Pipelines - if your code is on BitBucket you can setup a pipeline for free.
- Running Fixinator on Circle CI - supports GitHub and Bitbucket Repos
- Running Fixinator on GitLab - GitLab also has a free tier that you can take advantage of.
- Running Fixinator on TravisCI - TravisCI supports GitHub repositories
Here's an example of setting up an Azure DevOps pipeline that runs Fixinator:
What is the Foundeo CFML Continuous Security Bundle?
With the addition of Fixinator, Foundeo now has 3 CFML security products: FuseGuard, HackMyCF, and Fixinator. There are already several companies that have purchased all three tools, so it only made sense to offer a bundle where you can get all three tools at a discounted price. Pricing for the bundle starts at $96/month.
Like this? Follow me ↯Tweet Follow @pfreitag
Fixinator and Foundeo Security Bundle was first published on May 14, 2019.
If you like reading about coldfusion, cfml, security, fixinator, fuseguard, or hackmycf then you might also like:
- Scope Injection in CFML
- CFSummit 2016 Slides
- New HackMyCF Features
- HackMyCF Updated for APSB11-29 Security Hotfix
- Adobe eSeminar on FuseGuard
- Determining Which Cumulative Hotfixes are Installed on ColdFusion
- Client Variable Cookie CFGLOBALS Includes Session Ids
- Maximum Security CFML - cfObjective Slides
The FuseGuard Web Application Firewall for ColdFusion & CFML is a high performance, customizable engine that blocks various attacks against your ColdFusion applications.